Inspiration
AI agents are quickly moving from recommending actions to executing them. But when the action involves money, users need clear control over what the agent can and cannot do. We wanted to explore what safe delegated execution looks like in a high-stakes environment.
What it does
VaultPilot is a personal finance execution agent that automates routine money tasks like recurring bill payments and savings transfers. It uses explicit user-defined policies, approval thresholds, secure delegated access, and an audit trail to ensure the agent operates within strict boundaries.
How we built it
We built VaultPilot with a Next.js frontend and an agent backend that includes a policy engine, risk engine, tool execution layer, and audit logger. We used Auth0 for authentication and Auth0 Token Vault to securely manage delegated access to connected providers. The app demonstrates how an agent can safely perform third-party API actions on a user’s behalf without exposing raw tokens directly in the app.
Challenges we ran into
The main challenge was designing a system where the agent feels useful without feeling dangerous. We had to decide when actions should execute automatically, when they should pause for approval, and how to make that reasoning obvious in the UI. We also focused on making Token Vault central to the architecture instead of treating it like a checkbox feature.
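A sketch of the execute / pause-for-approval / deny decision described above, with the reason recorded in a hash-chained audit trail. This is an added example, not VaultPilot's code: the `Policy` fields, the limits in cents, and the decision names are all assumptions.

```python
import hashlib
import json
from dataclasses import dataclass, field

GENESIS = "0" * 64  # chain anchor for the first audit entry

@dataclass
class Policy:  # hypothetical shape, not VaultPilot's real schema
    allowed_payees: frozenset
    auto_limit_cents: int   # at or below this: execute without asking
    hard_limit_cents: int   # above this: refuse even with approval

@dataclass
class AuditLog:
    entries: list = field(default_factory=list)

    @staticmethod
    def _digest(prev, record):
        # Each hash covers the previous hash, so edits break the chain.
        body = json.dumps(record, sort_keys=True)
        return hashlib.sha256((prev + body).encode()).hexdigest()

    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        self.entries.append({"prev": prev, "record": record,
                             "hash": self._digest(prev, record)})

    def verify(self):
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or self._digest(prev, e["record"]) != e["hash"]:
                return False
            prev = e["hash"]
        return True

def decide(policy, action, log):
    """Return (decision, reason). Fails closed and logs every outcome."""
    amount, payee = action.get("amount_cents"), action.get("payee")
    if type(amount) is not int or amount <= 0:  # rejects bool, float, None
        result = ("deny", "amount missing or not a positive integer")
    elif payee not in policy.allowed_payees:
        result = ("deny", "payee is not on the user's allow-list")
    elif amount > policy.hard_limit_cents:
        result = ("deny", "amount exceeds the hard limit")
    elif amount > policy.auto_limit_cents:
        result = ("needs_approval", "amount exceeds the auto-approve limit")
    else:
        result = ("execute", "within policy")
    log.append({"action": action, "decision": result[0], "reason": result[1]})
    return result
```

The chain detects in-place edits to logged decisions; detecting truncation or a full rewrite additionally requires storing the latest hash somewhere the agent cannot write.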
Accomplishments that we’re proud of
We’re proud that VaultPilot is not just a chatbot. It is a full delegated-action system with policies, risk scoring, approvals, and auditability. We also designed the user experience so the permission model is visible and understandable, which is critical for trust.
What we learned
Building agents for high-stakes workflows taught us that the future of agentic systems depends as much on identity, authorization, and explainability as it does on model quality. Secure token management and explicit user control are foundational design requirements for trustworthy AI agents.
What’s next
Next, we would expand VaultPilot with more connected providers, richer anomaly detection, better policy authoring, and stronger approval patterns such as step-up authentication and asynchronous authorization for sensitive actions. We also see this pattern applying to healthcare, commerce, and developer tooling.
Built With
- javascript
- nextjs
- python