Inspiration

Manual security audits are slow, and security reports are often too technical for developers to act on quickly. I wanted to build Sentinel Guard AI—a tool that doesn't just find bugs but acts as an autonomous security engineer that explains and automatically fixes vulnerabilities in real time.

What it does

Sentinel Guard AI is an autonomous security remediation platform. It securely connects to GitHub via the Auth0 Token Vault to scan repositories. Using the Bandit engine, it detects vulnerabilities and then leverages OpenAI GPT-4o to provide:

AI-Powered Auto-Fix: Automatically generates secure code patches to replace vulnerable code.

Intelligent Insights: Clear, conversational explanations of security risks.

Professional Audit Reports: Instant PDF generation containing the full security posture and remediation steps.

How we built it

Backend: Powered by Flask with a multi-threaded architecture for high-performance scanning.

Identity & Security: Integrated Auth0 Management API and Token Vault to securely handle GitHub personal access tokens without exposing them in the code.

AI Engine: Implemented OpenAI's GPT-4o for high-fidelity code analysis and patch generation.

Security Scanning: Core static analysis is handled by the Bandit security engine.

Challenges we ran into

The biggest hurdle was implementing the Auth0 Token Vault flow. Fetching tokens securely from the Management API while maintaining a seamless user experience required deep integration with Auth0's backend. We also overcame syntax parsing errors in the Bandit engine by optimizing how multi-file repository data is fed into the scanner.

Accomplishments that we're proud of

We successfully built a working pipeline where a user can log in via Auth0, connect their GitHub account, and get an Auto-Fixed version of their code in seconds. Achieving a "Client Authorized" status for our M2M application was a significant technical milestone.

What we learned

Building this taught us the importance of Secret Management. Using Auth0's Token Vault showed us how to build production-grade applications that don't rely on hardcoded environment variables for user-specific integrations.

What's next for Sentinel Guard AI

We plan to add Direct Pull Request (PR) Integration, where the AI can automatically open a PR on GitHub with the suggested security fixes, making the remediation process 100% autonomous.


Updates

posted an update

Securing the Future of AI: Sentinel Guard AI + Auth0

In the rapidly evolving landscape of generative AI, innovation often outpaces security. My project, Sentinel Guard AI, was built to bridge this gap by providing a robust security auditing framework. However, an AI-driven security tool is only as strong as its own defense mechanisms. That is where Auth0 becomes the cornerstone of our architecture.

Why Auth0 for Sentinel Guard AI?

When handling sensitive static analysis data and vulnerability reports, Identity Security is non-negotiable. Integrating Auth0 allowed us to implement a seamless, enterprise-grade authentication layer without the overhead of managing complex databases.

Key Security Integrations:

The Token Vault Concept: By utilizing Auth0’s secure token handling, we ensure that session management remains encrypted and isolated, preventing token leakage during high-frequency AI API calls.

Scalable Identity Security: Auth0’s platform aligns perfectly with our vision of providing AI Mentorship for developers, allowing us to manage different access levels for users effortlessly.

The Impact

By offloading the "Identity" problem to Auth0, I was able to focus entirely on the core logic—integrating Bandit for static analysis and Google Gemini for intelligent remediation. Security isn't just a feature; it's a foundation. With Auth0, Sentinel Guard AI is ready to help developers build faster and safer.


posted an update

What it does

Sentinel Guard AI is a smart security auditor that doesn't just "flag" errors—it "mentors" the developer. It scans Python code for critical vulnerabilities and explains the risks in simple, conversational Hinglish using AI.

Technical Architecture

Security Engine: The core scanning is powered by Bandit (SAST), which performs deep static analysis of Python source code for security vulnerabilities (CWE-78, CWE-94, etc.).

AI Interpretation: Integrated the Google Gemini 1.5 Flash model via a multi-threaded Python backend to provide instant, conversational "AI Mentor Insights" in Hinglish.

Authentication: Secured using Auth0 for professional-grade user sessions and dashboard protection.

Innovation

Unlike traditional scanners that only show technical logs, Sentinel Guard AI bridges the gap for developers by explaining risks in a natural, easy-to-understand language.

Deployment Note

This is a developer-focused tool designed for local auditing. To run it, clone the repo, install the dependencies from requirements.txt, and provide your own API keys in a .env file.
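The scanner stage of the pipeline described above, as an added illustration that is not Sentinel Guard AI's code and not Bandit itself: each repository file is parsed on its own with Python's ast module, so a file that fails to parse yields a finding instead of breaking the whole scan (the multi-file feeding problem mentioned under Challenges), and two of the CWE classes the post names (CWE-78 command injection, CWE-94 code injection) are flagged at their sink calls. The sink tables and the sample files are constructed for this example; Bandit's real rule set is far broader.

```python
import ast
# Constructed sink tables: a small subset of what Bandit checks (assumption, not Bandit's rules).
SHELL_SINKS = {"os.system", "os.popen"}                                       # always run via a shell
SUBPROCESS_SINKS = {"subprocess.call", "subprocess.run", "subprocess.Popen"}  # only with shell=True
CODE_SINKS = {"eval", "exec"}                                                 # execute data as Python

def _callee(node: ast.Call) -> str:
    """'os.system' for os.system(...), 'eval' for eval(...), '' for anything else."""
    f = node.func
    if isinstance(f, ast.Name):
        return f.id
    if isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name):
        return f"{f.value.id}.{f.attr}"
    return ""

def _shell_true(node: ast.Call) -> bool:
    return any(kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True
               for kw in node.keywords)

def scan_source(path: str, source: str) -> list[tuple]:
    """Scan ONE file; returns (path, line, cwe, message) tuples.
    A syntax error becomes a "PARSE" finding instead of aborting the whole run."""
    try:
        tree = ast.parse(source, filename=path)
    except SyntaxError as exc:
        return [(path, exc.lineno or 0, "PARSE", f"syntax error: {exc.msg}")]
    out = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        name = _callee(node)
        if name in CODE_SINKS:
            out.append((path, node.lineno, "CWE-94", f"{name}() executes data as code"))
        elif name in SHELL_SINKS or (name in SUBPROCESS_SINKS and _shell_true(node)):
            out.append((path, node.lineno, "CWE-78", f"{name}() passes data to a shell"))
    return out

def scan_repo(files: dict[str, str]) -> list[tuple]:
    """Feed the scanner one file (path -> source) at a time, never a concatenated blob;
    a real run would fill this mapping by walking a checkout with os.walk."""
    findings = []
    for path in sorted(files):
        findings.extend(scan_source(path, files[path]))
    return findings

SAMPLE_REPO = {  # constructed sample files, not a real repository
    "app.py": "import os, subprocess\nos.system('ls ' + user)\n"
              "subprocess.run(cmd, shell=True)\neval(expr)\nsubprocess.run(['ls'])\n",
    "broken.py": "def f(:\n",
}
```

`scan_repo(SAMPLE_REPO)` reports two CWE-78 sinks and one CWE-94 sink in app.py, and a PARSE finding for broken.py; the list-form `subprocess.run(['ls'])` is left alone because no shell is involved.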
