Sovereign Agent Factory

GitLab security automation that keeps public MR comments safe while delivering private findings to the authorized owner.

Comment

Inspiration

We built Sovereign Agent Factory to solve a real privacy gap in AI-assisted code review.

Security agents can find serious issues during Merge Request analysis, but not every detail should be posted in a public discussion. Teams still need clear guidance in GitLab, while repository owners may need access to sensitive details privately.

Our goal was to create a GitLab-native workflow that keeps public collaboration safe, while still giving authorized users secure access to private findings.

What it does

Sovereign Agent Factory is a privacy-first GitLab security workflow.

When a Merge Request is reviewed, our custom GitLab Duo Flow analyzes the changes and posts a sanitized public comment with safe, actionable guidance. In parallel, a private findings payload is sent to a backend service, encrypted, and stored for the authorized owner.

The owner can open the companion app, authenticate, and review private findings without exposing sensitive details in the MR thread.

In short:

  • GitLab shows the safe public summary
  • The backend stores the private findings
  • The companion app shows the private report to the authorized owner

How we built it

We built the project in three connected layers:

1. GitLab Agent + Flow

  • A custom agent configuration defines reviewer behavior and output boundaries
  • A custom flow defines Merge Request scanning steps and tool usage
  • Public output is intentionally sanitized for safe collaboration

2. FastAPI Backend

  • Deployed on Google Cloud Run
  • Uses Firestore for owner-scoped private findings storage
  • Uses Google Secret Manager for sensitive configuration
  • Encrypts private findings before persistence
  • Provides auth challenge, login, token refresh, ingestion, and retrieval endpoints

3. Flutter Companion App

  • Acts as the private findings viewer
  • Uses a real on-device biometric prompt
  • Uses a prototype challenge-response login path to backend
  • Lists private scan history and opens detailed findings for the authenticated owner

Challenges we ran into

One major challenge was separating public MR collaboration from private security reporting without making the user experience feel fragmented.

Another challenge was staying honest about prototype scope. We wanted a credible demo without overclaiming production security guarantees, so we continuously aligned implementation, documentation, and product messaging.

We also had to integrate multiple layers smoothly:

  • GitLab agent behavior
  • GitLab flow orchestration
  • Backend encryption and storage
  • Authentication and access control
  • Companion app retrieval experience

Accomplishments that we're proud of

We are proud that we now have a working end-to-end privacy workflow:

  • Custom GitLab agent and flow
  • Privacy-safe public MR comment pattern
  • Deployed backend on Cloud Run
  • Encrypted Firestore storage for private findings
  • Owner-scoped retrieval of sensitive scan details
  • Companion app with real biometric prompt
  • Stronger prototype authentication with backend-issued nonce challenge

We are also proud of the product clarity: the architecture, implementation, and story now consistently support the same privacy-first workflow vision.

What we learned

We learned that building AI for software delivery is not only about model capability. It is also about trust boundaries, workflow design, and user clarity.

We also learned that strong product framing matters. A good submission is not just a list of features, but a clear explanation of:

  • What problem is being solved
  • Why this approach is useful
  • How the system behaves in real workflows
  • What is production-ready versus prototype-grade

Most importantly, we learned that privacy is not only a storage concern. It is a workflow design decision.

What is next for Sovereign Agent Factory

Next, we want to:

  • Connect private findings directly to the same scan artifact used by the public flow output
  • Replace demo device secrets with stronger enrollment and attestation
  • Add full device lifecycle controls such as registration, revocation, and multi-device management
  • Further polish the companion app experience
  • Make the GitLab public and private paths feel even more seamless end to end

Short Project Summary

Sovereign Agent Factory is a privacy-first GitLab security workflow that separates safe public Merge Request guidance from sensitive private findings. A custom GitLab flow posts sanitized public feedback, while a backend encrypts and stores private details for authorized owner-only viewing in a companion app.

Built With

Share this project:

Updates