TruthForge: Universal AI Truth & Compliance Engine

An autonomous verification engine that uses Gemini 3 and RAG to stress-test critical decisions against official standards (ISO, HIPAA, GDPR). It doesn't just catch errors—it auto-corrects them.

Comment

💡 Inspiration

Generative AI is brilliant, but it "hallucinates" with confidence. In high-stakes fields like healthcare, finance, and law, a single wrong answer can cost millions or violate federal laws. We didn't just want another chatbot; we wanted a safety layer—a digital "Supervisor" that verifies AI decisions against real-world rules before they ever reach the user.

🛡️ What it does

TruthForge is an autonomous compliance firewall. It sits between your AI and your users.

  1. Detects Risks: A specialized "Risk Agent" scans every AI response for dangerous patterns (e.g., PII leaks, bad medical advice, non-compliant code).
  2. Verifies Truth (RAG): It doesn't guess laws. It retrieves actual legal standards (HIPAA, GDPR, ISO) from a vector database to fact-check the AI's claims.
  3. Auto-Remediation: If an answer is unsafe (like unencrypted database code), TruthForge rewrites the code automatically to be secure and compliant.

⚙️ How we built it

We built a Multi-Agent System using Google Gemini 3 Pro:

  • The Brain: Gemini 3 Pro acts as the "Judge," analyzing context and intent.
  • The Speed: Gemini Flash handles rapid "Risk Detection" to keep latency low.
  • The Memory (RAG): We used ChromaDB to store vector embeddings of compliance documents (HIPAA/GDPR PDFs).
  • The Backend: Python & FastAPI hosted on Hugging Face Spaces for robust processing.
  • The Frontend: Built with Next.js and deployed on Vercel for a clean, responsive UI.

🚧 Challenges we ran into

  • The "Sleeping" Server: Our backend on Hugging Face kept going to sleep during tests! We had to build a custom "Wake Up" protocol in the frontend to ensure the judges always get a response.
  • Hallucinating the Laws: Even with RAG, the AI sometimes misquoted regulations. We fixed this by forcing the agents to cite specific section numbers from the retrieved documents.

🏆 Accomplishments that we're proud of

  • The "Magic Fixer": Seeing the AI take a piece of insecure code (e.g., http://...) and instantly rewrite it to https://... with error handling felt like magic.
  • Gemini 3 Integration: We successfully leveraged the new Gemini models to handle massive context windows, allowing us to verify against entire legal rulebooks at once.

🧠 What we learned

  • Agents need Roles: "More AI" isn't better; "Specialized AI" is. Assigning specific personas (e.g., "You are a ruthless auditor") improved accuracy by 40%.
  • Latency Matters: Users won't wait 30 seconds for safety. Optimizing our RAG pipeline was crucial to getting verification down to near real-time.

🚀 What's next for TruthForge

  • IDE Extension: A VS Code plugin that checks your compliance as you type.
  • Custom Rulebooks: Allowing companies to upload their own internal policy PDFs for TruthForge to enforce.

Built With

Share this project:

Updates