Forensicode

Forensicode is an automated audit and validation platform designed to bring fairness, transparency, and trust to hackathon judging. It tackles two major challenges: ensuring that projects are built within the official event timeline and verifying that sponsor requirements or APIs are genuinely used rather than superficially mentioned.

The system is built around a multi-agent AI architecture. The first component, the Integrity Agent, analyzes the entire Git commit history of a submission to flag pre-hacking, unusual development patterns, and calculate contribution percentages for each team member. This helps judges see not only when the work was done but also how evenly effort was distributed.

The second component, the Requirement Validation Pipeline, operates as a duo of agents. One agent parses sponsor requirements and the team’s pitch, turning them into structured technical checkpoints. The other builds a knowledge graph of the codebase, mapping functions, imports, and dependencies to verify whether required APIs are truly integrated into the project’s active logic. This process also highlights unused or dead code that may artificially inflate the size of a project.

At the final stage, Forensicode generates an AI-driven, objective summary of what the project actually accomplishes, then compares it against the team’s submitted description to calculate a summary inflation score. Judges are given a dashboard view showing integrity scores, team contribution breakdowns, API usage verification, and inflation metrics, all visualized for quick and objective decision-making.

What makes Forensicode stand out is its combination of academic methods for commit anomaly detection, compiler-style code graph analysis, and lightweight AI agents stitched together into a system that can perform meaningful audits in the fast-paced timeframe of a hackathon. It transforms a process that is normally subjective, time-consuming, and error-prone into one that is transparent, scalable, and fair.

We built Forensicode across two repositories, client for the frontend dashboard and agent for the AI auditing backend. The backend stitches together multiple agents: the Integrity Agent analyzes commit history to detect pre-hacking and quantify contributions, while the Requirement Validation Agents parse sponsor requirements and generate a code knowledge graph to verify real API usage. The client consumes these results and visualizes integrity scores, contribution graphs, and inflation metrics in real time for judges. We used lightweight LLMs for requirement parsing and summarization, integrated graph-based static analysis tools for code auditing, and built a custom pipeline to make traditionally heavy static analysis run in hackathon timeframes. A particularly hacky challenge was adapting knowledge graph traversal into a lightweight service that can audit any repo in minutes.