This is a submission for the GitHub Finish-Up-A-Thon Challenge
What I Built
I built ClinicalAudit (The Intelligent Medical Intake App).
In healthcare, doctors suffer from "hallucination anxiety" when using AI. They don't trust standard LLM summaries of messy, out-of-network medical records (like scanned prescriptions or lab reports) because they can't verify where the AI got its facts.
ClinicalAudit solves this using a "Citation-First" Architecture. Instead of just summarizing text, the app uses Google's Gemini API to extract structured clinical facts (Diagnoses, Medications, Labs, Allergies) and mathematically maps them directly to the exact spatial coordinates (bounding boxes) on the original PDF. When a doctor clicks a diagnosis on the dashboard, it highlights the exact pixels on the original document.
How it started, and why I came back to it: This project started as a hacked-together "vibe-coded" prototype, but it was incredibly fragile. I abandoned it because the complexities of dual-authentication, React state management, and spatial math got too overwhelming. However, a friend recently bet me $100 that I couldn't build a better product than them. That competitive spark was exactly what I needed to revive this project, rip out the technical debt, and engineer a production-ready, multi-tenant application.
Demo
💻 GitHub Repository:
https://github.com/KartikYadav020307/medical-intakev3
Patient Dashboard:
https://drive.google.com/file/d/1Q0W2Ze--90alXfb_93tBtmLRSE2l0QiC/view?usp=sharing
L2 Safety Alert Banner:
https://drive.google.com/file/d/1D8nJ_vuxJBR8Tq-GKVKr_UDzDkIF3jSz/view?usp=sharing
Project Demo Video:
https://drive.google.com/file/d/1R9GUB_KUiX8FlLx4rB7xQvLYzgRm5pN_/view?usp=sharing
The Comeback Story
Before this challenge, my MVP was barely holding together. It had a security flaw where user roles were stored in plain text in localStorage, a nasty dual-authentication conflict (Firebase and Supabase fighting each other), and silent database failures. The AI was extracting basic text, but it wasn't performing any clinical reasoning or safety checks.
Here is how I finished it up and turned it into a stable multi-tenant SaaS app:
The Great Purge & Security Lockdown: I completely ripped out Firebase and migrated everything to Supabase. I built a secure AuthGuard that checks user metadata server-side, completely locking down the Doctor vs. Patient routing.
L1 & L2 Intelligence Integration: I upgraded the AI "Brain". It now extracts an expanded schema (including Vitals, ICD-10 Codes, and Physicians). More importantly, I built an L2 Validation Gatekeeper.
Wrong-Patient Detection: The app intercepts the upload, reads the document, and cross-references the name/DOB on the PDF with the logged-in user's Supabase profile. If it doesn't match, it blocks the upload with a 400 Bad Request.
Allergy-Medication Safety Net: The AI cross-references extracted allergies with medications. If it detects a conflict (e.g., Sulfa allergy + Bactrim), it renders a big red "CRITICAL SAFETY ALERT" banner on the frontend.
Enterprise CRUD & The React "Domino Effect": I added global document control. Users can now "Hard Delete" PDFs, which wipes them from the Supabase Storage bucket and the database. By tying this to my React state, deleting a document triggers a useMemo domino effect that instantly scrubs all associated diseases and medications from the user's Analytics and Master Timeline.
Client-Side SHA-256 Deduplication: I implemented a feature that hashes files in the browser using the Web Crypto API before upload, checking the database for duplicates to save API token costs and bandwidth.
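A sketch of the wrong-patient gate described above, as an added example that is not code from the ClinicalAudit repository: it compares the name and date of birth extracted from the document with the authenticated user's profile and returns a 400 on any mismatch. The type names, the reason strings, the ISO date format and the choice to reject unreadable identities are assumptions.

```typescript
// Added example, not from the ClinicalAudit repository; names are hypothetical.
type PatientIdentity = { name: string | null; dob: string | null };
type GateResult = { status: 200 | 400; reason: string };

// Lowercase, strip diacritics and punctuation, sort tokens so that
// "DOE, Jane" and "Jane Doe" compare equal.
function normalizeName(raw: string): string {
  return raw
    .normalize("NFKD")
    .replace(/[\u0300-\u036f]/g, "")
    .toLowerCase()
    .replace(/[^a-z\s]/g, " ")
    .split(/\s+/)
    .filter(Boolean)
    .sort()
    .join(" ");
}

// Assumes the extraction prompt asks for ISO 8601 dates. Anything else,
// including impossible dates such as 1990-02-30, is treated as unreadable.
function normalizeDob(raw: string): string | null {
  const iso = raw.trim();
  const m = /^(\d{4})-(\d{2})-(\d{2})$/.exec(iso);
  if (!m) return null;
  const y = Number(m[1]), mo = Number(m[2]), d = Number(m[3]);
  const dt = new Date(Date.UTC(y, mo - 1, d));
  const real = dt.getUTCFullYear() === y && dt.getUTCMonth() === mo - 1 && dt.getUTCDate() === d;
  return real ? iso : null;
}

// Fails closed: a document whose identity cannot be read is rejected like a mismatch.
function checkPatientIdentity(extracted: PatientIdentity, profile: PatientIdentity): GateResult {
  if (!profile.name || !profile.dob) return { status: 400, reason: "profile_incomplete" };
  if (!extracted.name || !extracted.dob) return { status: 400, reason: "identity_not_found" };
  const docName = normalizeName(extracted.name);
  const docDob = normalizeDob(extracted.dob);
  if (!docName || !docDob) return { status: 400, reason: "identity_unreadable" };
  if (docName !== normalizeName(profile.name)) return { status: 400, reason: "name_mismatch" };
  if (docDob !== normalizeDob(profile.dob)) return { status: 400, reason: "dob_mismatch" };
  return { status: 200, reason: "match" };
}
```

The profile passed in should be the one loaded server-side for the authenticated session, never a name or date of birth sent along with the upload request.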
My Experience with GitHub Copilot
As someone without a traditional coding background, I act as the "Product Manager / Lead Architect" for my codebase, relying heavily on AI coding agents (including GitHub Copilot and VS Code extensions like Cline/Roo) to write the actual syntax.
Copilot was an absolute superpower for this comeback. Instead of asking it to "build my app," I fed it highly constrained, step-by-step architectural prompts. It flawlessly executed the heavy lifting, including:
Writing the complex spatial math required to translate the AI's 1000x1000 normalized bounding box coordinates into exact CSS percentages ((ymin/1000)*100%) for the react-pdf viewer.
Navigating Next.js App Router quirks, properly configuring my API routes to run on the nodejs runtime (avoiding Edge runtime crashes with the Google SDK).
Automatically managing complex React Hook dependencies (like the complex useMemo cascades required for my Analytics dashboard).
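The coordinate translation mentioned above, written out as an added example (not the project's own code): it converts a 0-1000 normalized box into CSS percentages with the page's `(ymin/1000)*100%` formula and treats the model's output as untrusted, so a malformed box yields an unverified fact instead of a misplaced highlight. The `[ymin, xmin, ymax, xmax]` order, the `Fact` shape and the function names are assumptions.

```typescript
// Added example, not from the ClinicalAudit repository; names are hypothetical.
type CssBox = { top: string; left: string; width: string; height: string };
type Fact = { label: string; page: number; box: unknown };
type Placed = { label: string; page: number; style: CssBox | null; verified: boolean };

const SCALE = 1000; // the 1000x1000 normalized grid described in the post

const pct = (v: number): string => `${((v / SCALE) * 100).toFixed(2)}%`;

// Returns null unless `box` is four finite numbers inside the grid that
// describe a non-empty rectangle. Assumed order: [ymin, xmin, ymax, xmax].
function toCssBox(box: unknown): CssBox | null {
  if (!Array.isArray(box) || box.length !== 4) return null;
  const ok = box.every(
    (v) => typeof v === "number" && Number.isFinite(v) && v >= 0 && v <= SCALE
  );
  if (!ok) return null;
  const [ymin, xmin, ymax, xmax] = box as [number, number, number, number];
  if (ymax <= ymin || xmax <= xmin) return null; // inverted or zero-area box
  return {
    top: pct(ymin),
    left: pct(xmin),
    width: pct(xmax - xmin),
    height: pct(ymax - ymin),
  };
}

// A fact keeps its "verified" status only if its citation can be drawn
// on a page that actually exists in the uploaded PDF.
function placeCitations(facts: Fact[], pageCount: number): Placed[] {
  return facts.map((f) => {
    const onPage = Number.isInteger(f.page) && f.page >= 1 && f.page <= pageCount;
    const style = onPage ? toCssBox(f.box) : null;
    return { label: f.label, page: f.page, style, verified: style !== null };
  });
}
```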
Tech Stack
Next.js App Router
React
TypeScript
Supabase (Auth, Database, Storage)
Google Gemini API
react-pdf
Tailwind CSS
Web Crypto API
Technical Highlights:
Processes complex multi-page medical PDFs, including scanned prescriptions, diagnostic reports, and lab records.
Uses Google Gemini to perform structured clinical extraction for diagnoses, medications, allergies, vitals, physicians, and ICD-10 related data.
Maps AI-generated citations directly back to the original PDF using normalized bounding-box coordinate translation for pixel-level verification.
Supports real-time multi-document patient timelines and analytics dashboards powered by React state synchronization.
Implements client-side SHA-256 hashing to prevent duplicate uploads and reduce unnecessary AI processing costs.
Includes an L2 clinical safety validation layer that detects potential allergy-medication conflicts before records are finalized.
Enforces secure multi-tenant access control using Supabase authentication and server-side role validation.
Performs wrong-patient detection by cross-checking uploaded document identity data against authenticated patient profiles.
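The server-side role check from "The Great Purge & Security Lockdown" and the access-control highlight above, sketched as an added example that is not the project's AuthGuard: the routing decision uses only the role on a server-verified user object and ignores anything the browser could write, which is what the old localStorage role allowed. The `/doctor` and `/patient` prefixes, the `role` key and its placement in `app_metadata` are assumptions; in Supabase, `user_metadata` can be changed by the signed-in user, so it is not read here.

```typescript
// Added example, not the project's AuthGuard; route prefixes and the
// `role` key are hypothetical.
type AppRole = "doctor" | "patient";
type VerifiedUser = {
  id: string;
  app_metadata?: Record<string, unknown>;  // set server-side only
  user_metadata?: Record<string, unknown>; // user-editable: never used for authorization
};
type GuardDecision = { status: 200 | 401 | 403; redirect?: string };

const ROUTE_ROLE: ReadonlyArray<[string, AppRole]> = [
  ["/doctor", "doctor"],
  ["/patient", "patient"],
];

// Only the two known roles are accepted; anything else is "no role".
function roleOf(user: VerifiedUser): AppRole | null {
  const role = user.app_metadata?.["role"];
  return role === "doctor" || role === "patient" ? role : null;
}

// `user` must be the object returned after the server has verified the
// session token (for example via supabase.auth.getUser()), or null.
function guard(user: VerifiedUser | null, path: string): GuardDecision {
  const rule = ROUTE_ROLE.find(
    ([prefix]) => path === prefix || path.startsWith(prefix + "/")
  );
  if (!rule) return { status: 200 }; // not a role-gated route
  if (!user) return { status: 401, redirect: "/login" };
  const role = roleOf(user);
  if (role === null) return { status: 403 }; // missing or unknown role: fail closed
  return role === rule[1]
    ? { status: 200 }
    : { status: 403, redirect: `/${role}` };
}
```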
Copilot didn't just help me write code faster; it allowed me to focus entirely on system design, data security, and clinical utility, turning an abandoned prototype into a production-ready clinical intake system.