Case study · 2026
CIA Client Portal
An AI-drafted portal put through a four-agent adversarial audit — 55 findings, a near-rewritten server, 18/18 smoke tests, and promotion to an always-on supervised service.
A self-service client portal — projects, files, tickets and resources
- Industry
- Proof build · Client operations
- Engagement
- Agent-built draft → 4-agent audit → hardening rewrite → always-on service
- Result
- An AI-drafted portal put through a four-agent adversarial audit — 55 findings, a near-rewritten server, 18/18 smoke tests, and promotion to an always-on supervised service.
The challenge
Consultancies bleed time into email threads: where's the latest report, what's the project status, who's handling the invoice query. A portal fixes that — but a portal is also exactly where software risk concentrates, because sign-in, sessions and file upload/download are the classic attack surface. It's the last thing you want built carelessly.
The first draft of this one was built by an autonomous AI agent team working a board ticket. It looked complete — pages, tables, buttons, the lot. "Looks complete" is precisely the trap with AI-built software: underneath were hardcoded tables, placeholder alerts and pages that never spoke to a real API. The interesting question isn't whether AI can draft a portal in an afternoon — it can — it's what it takes to make that draft genuinely trustworthy.
And it had to graduate from somebody's terminal to something client-facing in behaviour: surviving reboots, restarting itself if it dies, with logs and a health probe — a service, not a demo that lives as long as the laptop lid stays open.
What we built
We audited before we polished: four AI agents reviewed the draft independently and adversarially, and between them surfaced 55 findings across security, correctness, accessibility and operations. That list — not the feature list — set the work order, and the server was near-rewritten around it.
The hardening is specific and checkable. Sessions use crypto-random identifiers with an enforced 8-hour expiry, periodic eviction and genuine server-side logout invalidation; sign-in is rate-limited per IP; uploads go through real storage with sanitised filenames and size caps, and downloads and sharing require an authenticated session. Input lengths are bounded, the error handler never leaks a stack trace, and even the 404 is branded. On the front end every page was wired to its real API — no stub tables left — with all interpolation routed through an escape guard against XSS, the session re-validated on every page load, and accessibility brought up to AA: landmarks, skip links, contrast and 44px touch targets.
Then we proved it and made it permanent: 200 concurrent requests without error, an 18-for-18 smoke suite, the full browser journey — sign-in to dashboard to tickets, files and resources — with zero dead links. The portal now runs as a supervised macOS service with keep-alive (kill it and it respawns, which we verified), logs on disk and a health endpoint for liveness checks — restyled throughout to the CIA brand with no CDN dependencies.
The outcome
What exists is a working portal doing the actual job: sign in, see projects with progress and activity, upload and share real files, raise and track tickets, browse the shared resource library — running for days as a supervised service rather than a process in someone's terminal.
We'll be honest about its scope: it is deliberately a demonstration build. Credentials are demo accounts and the data store is in-memory by design; wiring in a real user store, a database and a content-security policy is the documented next step, not a hidden gap. The hardening pattern — audit, rewrite, verify, supervise — is the part that carries to production unchanged.
The meta-story is the point. Our delivery model is AI does the drafting and governance makes it shippable — and this build shows the second half working: 55 findings caught by our own adversarial audit before a client ever saw the portal. That's the gap between "an AI built it" and "you can trust it" — and closing that gap is exactly what we sell.
“An AI agent team drafted it; a four-agent adversarial audit found 55 reasons it wasn't ready. Closing that gap — audit, rewrite, verify, supervise — is the difference between 'an AI built it' and 'you can trust it'.”
Five safeguards, in plain English
What it actually does to keep your code and data safe — without the jargon.
Sign-ins are rate-limited and sessions actually expire
Repeated failed logins from one address are cut off; sessions use crypto-random identifiers, expire server-side after eight hours, and logging out genuinely invalidates the session rather than just hiding the button.
Uploads can't smuggle anything in
Filenames are sanitised, sizes are capped, and every download or share requires an authenticated session — a link can't be walked into by guessing.
No pages pretending to work
Every screen talks to its real API — the stub tables and placeholder alerts from the first draft are gone, and everything rendered from data passes through an escape guard against script injection.
It can't quietly die
The portal runs as a supervised service: kill the process and it respawns (we tested exactly that), with logs on disk and a health endpoint a monitor can watch.
Errors never leak internals
Failures return clean, branded responses — a JSON error or a designed 404 — never a stack trace or a file path that maps the system for an attacker.
How this compares
Indicative — the same scope, delivered three different ways.
UK agency
2–3 months
£30k–£60k
Solo freelancer
1–2 months
£15k–£30k
Consultancy in Action — AI-accelerated
Draft in hours · hardened in a day
A fraction
By the numbers
What was delivered — verified facts from the build, not projected returns.
Built with
- Node.js
- Express
- Multer (real file storage)
- Vanilla JS (no framework)
- launchd (keep-alive service)
- XSS escape guard
- CIA brand system
Want something built like this?
We design and ship real, data-driven products — not demos. Tell us what you're trying to make and we'll talk through fit.