Compliance Auditor

AI-powered document compliance analysis application built with Next.js, Supabase, and OpenAI/Anthropic.

Features

• Document Upload: Support for PDF, Word documents (.docx), and text files
• AI-Powered Analysis: Automatic compliance risk detection using OpenAI GPT-4 or Anthropic Claude
• Risk Detection: Identifies PII, financial data exposure, GDPR/CCPA issues, security vulnerabilities, and contract risks
• User Authentication: Secure authentication with Supabase Auth
• Dashboard: Overview of all documents and compliance status
• Detailed Reports: Risk flags with severity ratings and actionable recommendations

Tech Stack

• Frontend: Next.js 14 (App Router), React 18, TypeScript
• Styling: Tailwind CSS, Shadcn UI
• Backend: Next.js API Routes
• Database: Supabase (PostgreSQL)
• Storage: Supabase Storage
• Authentication: Supabase Auth
• AI Providers: OpenAI GPT-4, Anthropic Claude

Getting Started

Prerequisites

• Node.js 18+
• npm
• Supabase account
• OpenAI API key and/or Anthropic API key

Quick start (new project setup)

1. Clone and enter the repository: bash git clone <your-repo-url> cd <your-repo-directory>

2. Run the bootstrap script: bash bash scripts/bootstrap.sh

3. Update .env.local with real values: env NEXT_PUBLIC_SUPABASE_URL=your_supabase_url NEXT_PUBLIC_SUPABASE_ANON_KEY=your_supabase_anon_key SUPABASE_SERVICE_ROLE_KEY=your_supabase_service_role_key OPENAI_API_KEY=your_openai_api_key ANTHROPIC_API_KEY=your_anthropic_api_key

4. Set up the database by running supabase/schema.sql in Supabase SQL Editor.

5. Start the development server: bash npm run dev

6. Open http://localhost:3000 in your browser.

Project Structure

.
├── app/
│   ├── (auth)/           # Auth pages (login, signup)
│   ├── (dashboard)/      # Protected dashboard pages
│   ├── api/              # API routes
│   └── auth/             # Auth callback handler
├── components/
│   ├── ui/               # Shadcn UI components
│   └── ...               # Custom components
├── lib/
│   ├── ai/               # AI provider integrations
│   ├── parsers/          # Document parsers (PDF, DOCX, TXT)
│   └── supabase/         # Supabase client configurations
├── scripts/
│   └── bootstrap.sh      # First-time setup helper
├── supabase/
│   └── schema.sql        # Database schema
└── types/
    └── index.ts          # TypeScript type definitions

Usage

1. Sign Up/Login: Create an account or sign in
2. Upload Documents: Navigate to Upload and drag & drop your files
3. View Analysis: Documents are automatically analyzed after upload
4. Review Risks: Click on a document to see detailed risk findings
5. Configure AI: Go to Settings to switch between OpenAI and Anthropic

API Routes

• POST /api/upload - Upload and process a document
• POST /api/analyze - Trigger AI analysis on a document
• GET /api/documents - List user's documents
• DELETE /api/documents?id=<id> - Delete a document
• POST /api/reanalyze - Re-run analysis on a document

Security

• Row Level Security (RLS) ensures users can only access their own data
• Files are stored in private Supabase Storage buckets
• API keys are kept server-side only
• Authentication is required for all protected routes

License

MIT