Skip to content

Investigate further (Phase 3)

What

Per-finding "investigate further" entry point. After reviewing a finding, the partner can click a button, type optional steering text, and spawn a focused mini-audit seeded by that finding. New findings appear in the engagement when the focused run completes.

The point is interactive deepening: the partner reads a finding about subcontract flow-down, says "investigate the audit-rights clause specifically," and the system runs a targeted retrieval+investigation pass on that specific concern without re-running the whole audit.

How it works

  1. Partner clicks "Investigate further…" on a finding in the AuditForge UI
  2. Modal: optional steering text, primitive override (defaults to finding's primitive), budget cap, max-questions cap
  3. Frontend POST /auditforge/finding/{id}/investigate-further?engagement_id=...
  4. Backend constructs a FollowUpTarget: 
    FollowUpTarget(
    primitive=body.primitive or finding.primitive,
    description=body.steering_text or finding.description,
    parent_finding_ids=[finding_id],
    priority_hint=1.0,
)
  5. Backend kicks off run_audit() as a background task with initial_follow_up_targets=[target], max_iterations=1, default budget cap $15, default max-questions 20
  6. The audit's catalog stage uses the seeded target to focus question generation; investigate runs on the resulting questions; consolidate and filter run as usual
  7. New findings persist to the same engagement; UI's useEngagementStream SSE consumer surfaces them in real time

Why max_iterations=1, max_questions=20

The intent is a focused dive, not a full re-audit. A typical investigate-further run produces 3–8 new findings around the seeded concern at a cost of $1–3. The partner can repeat the loop multiple times if they want to drill on different aspects.

Required engagement state

The endpoint validates:

  • Engagement exists
  • Engagement has intake set
  • Engagement has client_id recorded (set by the original POST /run)
  • No active run already in progress on this engagement

If client_id is missing (engagement was created but never run), the endpoint returns 422 with a message instructing the partner to run the initial audit first.

Code

  • app/auditforge_endpoints.pyinvestigate_further endpoint
  • app/auditforge/runner.pyinitial_follow_up_targets parameter on run_audit()
  • app/auditforge/findings.pyFollowUpTarget dataclass
  • frontend/src/components/FindingDetail.tsx — button + inline modal
  • frontend/src/api/auditforge.ts — typed investigateFurther() call

Cost characteristics

Metric Default Cap
Budget $15 $50 (request body max)
Max questions 20 100 (request body max)
Wall time 1–3 min depends on questions × concurrency

Open improvements

  • "Investigate further" doesn't yet update the parent finding's related_finding_ids with the new findings' IDs. Should — partner wants to see the lineage.
  • No UI for cancelling a running follow-up. Today the partner has to wait for it to finish or hit the budget cap.
  • Multi-finding follow-up: select N findings, run a single focused audit covering all of them. Today each finding requires its own investigate-further click.