Enterprise-grade AI-powered vendor risk assessment platform
VIA (Vendor Intelligence & Automation) is a modern web application that leverages AI to perform comprehensive vendor risk assessments. Enter a vendor name and website, and VIA generates detailed risk profiles across five critical dimensions.
- 🔐 Cyber Risk Analysis – Security posture, vulnerabilities, and breach history
- 💰 Financial Health Assessment – Stability metrics, credit signals, and financial viability
- 📋 Compliance Evaluation – Regulatory status, certifications, and audit findings
- ⚙️ Operational Risk Review – Business continuity, dependencies, and service reliability
- ⭐ Reputation Analysis – Market perception, customer sentiment, and brand strength
- 📄 Contract Intelligence – AI-powered contract analysis for obligations and risk flags
- Node.js 18+
- npm or yarn
- OpenAI API key
# Clone the repository
git clone https://github.com/lelandsequel/VIA.git
cd VIA
# Install dependencies
npm install
# Set up environment variables
cp .env.example .env.local
# Edit .env.local and add your OpenAI API key
# Start development server
npm run devThe app will be available at http://localhost:3000
| Variable | Description | Required |
|---|---|---|
OPENAI_API_KEY |
Your OpenAI API key | ✅ Yes |
VIA/
├── app/ # Next.js App Router
│ ├── api/ # API Routes
│ │ ├── vendor/analyze/ # Vendor analysis endpoint
│ │ └── contract/analyze/ # Contract analysis endpoint
│ ├── globals.css # Global styles & JPMorgan theme
│ ├── layout.tsx # Root layout
│ └── page.tsx # Main application page
├── components/ # React components
│ ├── ScoreGauge.tsx # Circular score visualization
│ ├── RiskFactorCard.tsx # Risk category display
│ ├── VendorForm.tsx # Input form component
│ └── VendorDashboard.tsx# Results dashboard
├── lib/ # Utilities
│ └── openai.ts # OpenAI client configuration
├── types/ # TypeScript definitions
│ └── vendor.ts # Vendor & risk type definitions
└── README.md
Analyzes a vendor and returns a comprehensive risk profile.
Request Body:
{
"vendorName": "Salesforce",
"website": "https://salesforce.com"
}Response:
{
"id": "uuid",
"name": "Salesforce",
"website": "https://salesforce.com",
"overallScore": 85,
"summary": "Enterprise SaaS provider with strong security...",
"riskFactors": [
{
"category": "cyber",
"score": 88,
"summary": "Strong security posture...",
"signals": ["SOC 2 Type II certified", "..."]
}
],
"lastUpdated": "2024-01-15T10:30:00Z"
}Analyzes an uploaded contract file for key terms and risks.
Request: multipart/form-data with file field
Response:
{
"renewalDate": "2025-12-31",
"terminationClause": "90 days written notice required",
"keyObligations": ["Data processing agreement", "..."],
"riskFlags": ["Auto-renewal clause", "..."],
"overallSummary": "Standard enterprise agreement..."
}VIA uses a custom JPMorgan-inspired design system:
| Color | Hex | Usage |
|---|---|---|
| Navy | #0C2340 |
Primary background |
| Corporate Blue | #1D4E89 |
Secondary elements |
| Slate | #4A6378 |
Borders, muted text |
| Soft Blue | #6AAEDB |
Accents, links |
| Teal | #0A6F77 |
Risk accents |
| Compliance Green | #5A7D5A |
Low risk indicators |
- ≥80 – Green (Low Risk)
- 60-79 – Blue (Moderate)
- 40-59 – Amber (Elevated)
- <40 – Red (High Risk)
- Framework: Next.js 16 (App Router)
- Language: TypeScript 5
- Styling: Tailwind CSS 4
- AI: OpenAI GPT-4o
- Font: Inter (Google Fonts)
MIT License – see LICENSE for details.
Built with ❤️ for enterprise vendor risk management