AuditForge — Documentation

A corpus-agnostic deep-audit engine for audit and advisory firms. Live at https://metis-demo.base2ml.com/?view=auditforge.

This directory holds engineering documentation, the customer-facing methodology white paper, the operator manual, and sales / investor briefs. Every code change should ship with corresponding doc updates — see feedback_docs_with_every_commit.md in the auto-memory directory.

By audience

Engineering

• Architecture — system overview, pipeline stages, data model, storage layout, deployment
• API reference — full REST endpoint catalog
• Diagrams — mermaid source for pipeline / data flow / topology / primitives map / archetype tuning / moat (single source for sales + investor artifacts)
• Methodology white paper — the published methodology document (also goes in every deliverable)

Operator (partner-firm associate)

• User manual — login, firm setup, engagement creation, finding review, deliverable export

Go-to-market

• Pricing — per-engagement and annual platform license
• Sales one-pager — partner-firm pitch
• Investor brief — current state, market thesis, capital ask framing

Trust & security

• Sub-processors — every vendor that touches customer data
• Incident response (DRAFT) — pending legal/security review
• Business continuity / DR (DRAFT) — RTO/RPO posture, restoration playbook

Product direction

• Roadmap — what we're building next
• Changelog — what's shipped, when

Per-stage technical docs

Stage	Status	Document
Phase 0 — Foundation	✅ Complete	phase-0-foundation.md
A — Profile	✅ Complete	02-stage-a-profiler.md
B — Catalog	✅ Complete	03-stage-b-catalog.md
C — Synthesize	✅ Complete	04-stage-c-synthesizer.md
D — Validate	✅ Complete	05-stage-d-validator.md
E — Investigate	✅ Complete	06-stage-e-orchestrator.md
E.5 — Consolidate	✅ Complete	14-stage-e5-consolidation.md
F — Deepen	✅ Complete	07-stage-f-deepening.md
F.5 — Filter	✅ Complete	15-stage-f5-filter.md
G — Report	✅ Complete	08-stage-g-report.md
Runner + FindingsStore	✅ Complete	09-runner-and-store.md
Evidence-quote auto-verification	✅ Complete	10-evidence-verification.md
Adversarial verification	✅ Complete	11-adversarial-verification.md
Iterative retrieval	✅ Complete	12-iterative-retrieval.md
First dogfooding results	✅	13-dogfooding-results.md
White-label firms (Phase 2.5)	✅ Live	16-white-label-firms.md
Investigate further (Phase 3)	✅ Live	17-investigate-further.md
AI-assisted intake (Phase 4)	✅ Live	18-ai-assisted-intake.md
Cross-engagement findings search (Phase 5)	✅ Live	19-findings-search.md
Per-engagement S3 bucket isolation (Phase 7)	✅ Behind feature flag	20-per-engagement-s3-isolation.md
Per-user authentication (Phase 8)	✅ Live	21-per-user-auth.md
Per-engagement firm scoping (Phase 9)	✅ Live	22-per-engagement-firm-scoping.md
Cross-engagement portfolio clusters (Phase 10)	✅ Live	23-portfolio-clusters.md
TOTP MFA (Phase 11)	✅ Live	24-totp-mfa.md
Brute-force lockout (Phase 12)	✅ Live	25-brute-force-lockout.md
Pagination (Phase 13)	✅ Live	26-pagination.md
Audit log export (Phase 14)	✅ Live	27-audit-log-export.md
Fine-grained roles (Phase 15)	✅ Live	28-fine-grained-roles.md
Admin recovery endpoints (Phase 16)	✅ Live	29-admin-recovery.md
Bulk finding actions (Phase 17)	✅ Live	30-bulk-finding-actions.md
Bucket migration script (Phase 18)	✅ Tooling shipped	31-bucket-migration.md
Firm logo upload (Phase 19)	✅ Live	32-firm-logo-upload.md
Engagement freeze on deliver (Phase 20)	✅ Live	33-engagement-freeze.md
Engagement archive (Phase 21)	✅ Live	34-engagement-archive.md
Cluster diff over time (Phase 22)	✅ Live	35-cluster-diff.md
Engagement template library (Phase 23)	✅ Live	36-engagement-templates.md
Audit log signed URL (Phase 24)	✅ Live	37-audit-log-signed-url.md
Self-serve corpus onboarding (Phase 25–27)	✅ Live	38-self-serve-corpus.md
Multi-reviewer collaboration + budget UX (Phase 28)	✅ Live	39-multi-reviewer.md
Test corpus + planted flaws	✅	test-corpus-planted-flaws.md

Doc maintenance rule

Every code commit on the auditforge branch must include the corresponding doc update. New stage = new doc. Stage update = edit the existing doc. New endpoint = add to api-reference.md. UI feature change = update user-manual.md. Roadmap movement = update investor-brief.md.

This is non-negotiable per the persistence preferences captured in auto-memory. Stale docs cost the founder deals and slow investor conversations.

Related

• Plan file (master spec, decisions): ~/.claude/plans/i-think-pilotforge-s-requests-idempotent-gadget.md
• Code: rag_system/app/auditforge/, rag_system/frontend/src/components/, rag_system/app/auditforge_endpoints.py
• Tests: rag_system/tests/test_auditforge_*.py
• Auto-memory: ~/.claude/projects/-Users-christopherlindeman-Projects-Metis/memory/