Update 7:Bug 1- Scan was timing out at 5 minutes. The scanner was making 2 Gemini API calls per violation justification and remediation for every single record. With hundreds of violations, that's thousands of API calls. We replaced LLM-generated justifications with template-based ones and capped violations at 50 per rule. The scan went from timeout to seconds. Bug 2- Scan returned a 500 error after the timeout fix. SQL query results contained Python datetime objects that couldn't be stored in JSONB columns. We added serialization to convert datetimes to ISO strings before database insertion. And one infrastructure fix auto-reconnect. Railway redeploys kill the database connection. The scanner would silently lose its connection to Supabase, and scans would fail. We added auto-reconnect logic that looks up saved credentials and reconnects before every scan.

Update 6: We had 5 cascading bugs that we debugged and fixed one by one Bug 1- The AI was crashing on policy upload. Our Gemini client had an AttributeError because the base class was trying to call methods that only existed on a subclass. We restructured the LLM client inheritance so GeminiClient and LLMClient each handle their own logic cleanly. Bug 2- Policy uploaded but showed "0 rules." Gemini Pro (the validator) was returning an empty list, and our code accepted it silently. We added a check if Pro returns empty, fall back to Flash results instead of overwriting good data with nothing. Bug 3- Rules extracted, but violations still showed 0. This was a type mismatch, the backend was returning rule_count as a number, but the frontend expected a rules array. We aligned the API contract so the frontend correctly reads the response and re-fetches the full policy list from the server.

Update 4: Final polish done. Dashboard with real-time compliance metrics, trend charts, and severity breakdowns. Added configurable scheduled scans, violation review workflow (confirm/resolve/false positive), and deployed to Railway. Ready for demo!

Update 1: Project kickoff! Built the core architecture- FastAPI backend with React + TypeScript frontend. Set up PostgreSQL on Supabase and integrated Google Gemini 2.0 Flash and Gemin 2.5 Pro for AI-powered policy analysis.

Update 3: The violation detection engine is live. AI generates SQL queries from natural language rules, scans the connected database, and flags non-compliant records. Each violation comes with an AI-generated explanation and remediation suggestion.

Update 2: PDF policy ingestion is working end-to-end. Upload a compliance PDF → AI extracts rules automatically with severity levels, evaluation criteria, and target entities. Tested with an AML policy- 11 rules extracted with zero manual config.

Update 5:Changes to AI models resulted in a much faster website than the early stage build. Violation data has been added to the list, and we can now see how many edits we have made, how many pending cases there are and how many cases have been resolved under the resolve tab.