Abhishek Mishra

🛡️ Building PatchPoint: Unifying DevOps Security Silos with Coral SQL

In modern software engineering, security data is fragmented. Your code lives in GitHub, your ticket ownership in Linear (or Jira), and your incident context in Slack. When a critical CVE like Log4j drops, engineers don’t just need to know what is broken; they need to know who owns it, how critical it is, and where to ping the on-call engineer.

Traditionally, connecting these dots requires writing brittle API glue code, handling pagination, managing auth tokens, and dealing with rate limits. It’s slow, expensive, and prone to errors.

I built PatchPoint to solve this. It’s an enterprise-grade Vulnerability Impact Mapper that unifies these silos into a single, SQL-queryable intelligence layer using Coral SQL.

🚀 The Problem: Context Fragmentation

Imagine you are a Security Engineer. A vulnerability scanner flags log4j-core in your auth-service repo.

  1. You go to GitHub to find the file path.
  2. You go to Linear to find who owns the auth-service.
  3. You go to Slack to find the #eng-auth-oncall channel.
  4. You manually draft a message to Alice Chen.

This process takes hours. In a high-stakes environment, hours matter.

💡 The Solution: PatchPoint

PatchPoint automates this entire workflow. You simply type: "Check if log4j affects any Tier-1 services."

The system:

  1. Queries GitHub for dependencies.
  2. Joins Linear to resolve ownership.
  3. Joins Slack to find on-call rosters.
  4. Synthesizes an actionable Slack draft using AI.

All in seconds. All via a single SQL query.

🏗️ Architecture: Hybrid Backend & Coral MCPs

PatchPoint uses a Hybrid Architecture to balance security, scalability, and demo reliability.

1. The Backend (Python Flask)

The backend acts as a secure proxy. It holds API keys for GitHub, Linear, and Groq (LLM). It handles:

  • Coral SDK Communication: Executing SQL queries against connected MCPs.
  • AI Synthesis: Using Groq Llama-3 to draft incident responses.
  • Fallback Logic: If real MCPs are offline, it serves high-fidelity mock data to ensure the UI never breaks.

2. The Frontend (Vite + React)

Built for speed and interactivity, the frontend features:

  • Agent Flow Visualizer: Animates the cross-source join process.
  • Live Threat Feed: Simulates real-time scanning.
  • SQL Execution Plan: Shows the exact SQL query generated, proving the "No Glue Code" claim.

3. The Data Layer (Coral SQL)

This is the core innovation. Instead of REST APIs, I used Coral SQL to join disparate data sources.

SELECT 
  gh.repo_name, 
  gh.package_version, 
  lin.ticket_owner, 
  slack.oncall_channel
FROM github_dependencies gh
JOIN linear_tickets lin 
  ON gh.repo_name = lin.service_tag --  Coral maps this automatically
LEFT JOIN slack_oncall slack 
  ON lin.team_id = slack.team_id
WHERE gh.package_name = 'log4j'
AND lin.sla_tier = 'Tier-1';
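
The LEFT JOIN in the query above still returns a Tier-1 service when no on-call row matches, with oncall_channel set to NULL. This added example (not PatchPoint's own code) runs the same query against in-memory SQLite tables standing in for the Coral sources, binds the package name and tier as parameters, and separates out the rows that have nobody to page. The sample rows and the names build_sample_db and impacted_services are assumptions; the table and column names come from the query.

```python
import sqlite3

# The page's query with the package name and SLA tier bound as parameters,
# so text taken from a user prompt is never spliced into the SQL string.
IMPACT_QUERY = """
SELECT gh.repo_name, gh.package_version, lin.ticket_owner, slack.oncall_channel
FROM github_dependencies gh
JOIN linear_tickets lin ON gh.repo_name = lin.service_tag
LEFT JOIN slack_oncall slack ON lin.team_id = slack.team_id
WHERE gh.package_name = ? AND lin.sla_tier = ?
ORDER BY gh.repo_name
"""

def build_sample_db():
    """In-memory SQLite tables; every row is constructed sample data."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE github_dependencies (repo_name TEXT, package_name TEXT, package_version TEXT);
        CREATE TABLE linear_tickets (service_tag TEXT, ticket_owner TEXT, team_id TEXT, sla_tier TEXT);
        CREATE TABLE slack_oncall (team_id TEXT, oncall_channel TEXT);
        INSERT INTO github_dependencies VALUES
          ('auth-service', 'log4j', '2.14.1'),
          ('billing-service', 'log4j', '2.14.1'),
          ('docs-site', 'log4j', '2.17.1'),
          ('search-service', 'jackson', '2.13.0');
        INSERT INTO linear_tickets VALUES
          ('auth-service', 'Alice Chen', 'team-auth', 'Tier-1'),
          ('billing-service', 'Bob Example', 'team-billing', 'Tier-1'),
          ('docs-site', 'Carol Example', 'team-docs', 'Tier-3');
        -- team-billing deliberately has no on-call row
        INSERT INTO slack_oncall VALUES ('team-auth', '#eng-auth-oncall');
    """)
    return db

def impacted_services(db, package_name, sla_tier):
    """Run the join and split rows into routable and unrouted (NULL channel)."""
    rows = db.execute(IMPACT_QUERY, (package_name, sla_tier)).fetchall()
    routable = [r for r in rows if r[3] is not None]
    unrouted = [r for r in rows if r[3] is None]
    return routable, unrouted

if __name__ == "__main__":
    routable, unrouted = impacted_services(build_sample_db(), "log4j", "Tier-1")
    for repo, version, owner, channel in routable:
        print(f"notify {channel}: {repo} uses log4j {version} (owner {owner})")
    for repo, version, owner, _ in unrouted:
        print(f"NO ON-CALL CHANNEL: {repo} uses log4j {version}, escalate to {owner}")
```

Unrouted rows are the ones to surface loudly: an alert drafted for a NULL channel reaches no one.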

🛠️ Tech Stack

  • Frontend: Vite, React, Tailwind CSS, Framer Motion
  • Backend: Python Flask, Groq API (Llama-3)
  • Data Engine: Coral SQL, GitHub MCP, Linear MCP, Slack MCP
  • Deployment: Vercel (Frontend), Local/Render (Backend)

Key Learnings

Building PatchPoint under hackathon constraints taught me the value of declarative data layers. By offloading API complexity to Coral, I focused on UX and business logic. I also learned the importance of resilient architecture—implementing a "Smart Fallback" ensured that even if the backend failed, the frontend could still demonstrate the product’s value using curated mocks.

🔗 Try It Yourself

Acknowledgments

Huge thanks to wemakedevs and coral for organizing the #CoralBeanHackathon. The opportunity to build with Coral SQL was a game-changer, showing how unified data layers can transform DevOps workflows from reactive panic to proactive governance.


Have you tried using SQL for cross-tool data resolution? Let me know in the comments! 👇

#CoralSQL #DevOps #CyberSecurity #Python #React #AI #SoftwareEngineering #FullStack #Hackathon #TechCommunity
