In modern software engineering, security data is fragmented. Your code lives in GitHub, your ticket ownership in Linear (or Jira), and your incident context in Slack. When a critical CVE like Log4j drops, engineers don’t just need to know what is broken; they need to know who owns it, how critical it is, and where to ping the on-call engineer.

Traditionally, connecting these dots requires writing brittle API glue code, handling pagination, managing auth tokens, and dealing with rate limits. It’s slow, expensive, and prone to errors.

I built PatchPoint to solve this. It’s an enterprise-grade Vulnerability Impact Mapper that unifies these silos into a single, SQL-queryable intelligence layer using Coral SQL.

👁

🚀 The Problem: Context Fragmentation

Imagine you are a Security Engineer. A vulnerability scanner flags log4j-core in your auth-service repo.

1. You go to GitHub to find the file path.
2. You go to Linear to find who owns the auth-service.
3. You go to Slack to find the #eng-auth-oncall channel.
4. You manually draft a message to Alice Chen.

This process takes hours. In a high-stakes environment, hours matter.

💡 The Solution: PatchPoint

PatchPoint automates this entire workflow. You simply type: "Check if log4j affects any Tier-1 services."

The system:

1. Queries GitHub for dependencies.
2. Joins Linear to resolve ownership.
3. Joins Slack to find on-call rosters.
4. Synthesizes an actionable Slack draft using AI.

All in seconds. All via a single SQL query.

🏗️ Architecture: Hybrid Backend & Coral MCPs

PatchPoint uses a Hybrid Architecture to balance security, scalability, and demo reliability.

1. The Backend (Python Flask)

The backend acts as a secure proxy. It holds API keys for GitHub, Linear, and Groq (LLM). It handles:

• Coral SDK Communication: Executing SQL queries against connected MCPs.
• AI Synthesis: Using Groq Llama-3 to draft incident responses.
• Fallback Logic: If real MCPs are offline, it serves high-fidelity mock data to ensure the UI never breaks.

2. The Frontend (Vite + React)

Built for speed and interactivity, the frontend features:

• Agent Flow Visualizer: Animates the cross-source join process.
• Live Threat Feed: Simulates real-time scanning.
• SQL Execution Plan: Shows the exact SQL query generated, proving the "No Glue Code" claim.

3. The Data Layer (Coral SQL)

This is the core innovation. Instead of REST APIs, I used Coral SQL to join disparate data sources.

SELECT 
 gh.repo_name, 
 gh.package_version, 
 lin.ticket_owner, 
 slack.oncall_channel
FROM github_dependencies gh
JOIN linear_tickets lin 
 ON gh.repo_name = lin.service_tag -- Coral maps this automatically
LEFT JOIN slack_oncall slack 
 ON lin.team_id = slack.team_id
WHERE gh.package_name = 'log4j'
AND lin.sla_tier = 'Tier-1';

👁

🛠️ Tech Stack

• Frontend: Vite, React, Tailwind CSS, Framer Motion
• Backend: Python Flask, Groq API (Llama-3)
• Data Engine: Coral SQL, GitHub MCP, Linear MCP, Slack MCP
• Deployment: Vercel (Frontend), Local/Render (Backend)

Key Learnings

Building PatchPoint under hackathon constraints taught me the value of declarative data layers. By offloading API complexity to Coral, I focused on UX and business logic. I also learned the importance of resilient architecture—implementing a "Smart Fallback" ensured that even if the backend failed, the frontend could still demonstrate the product’s value using curated mocks.

🔗 Try It Yourself

• Live Demo: PatchPoint on Vercel (Note: Runs in Simulation Mode by default)
• GitHub Repo: github.com/AbhiMishra-Now/patchpoint
• Video Demo: Watch on YouTube

Acknowledgments

Huge thanks to wemakedevs and coral for organizing the #CoralBeanHackathon. The opportunity to build with Coral SQL was a game-changer, showing how unified data layers can transform DevOps workflows from reactive panic to proactive governance.

Have you tried using SQL for cross-tool data resolution? Let me know in the comments! 👇

CoralSQL #DevOps #CyberSecurity #Python #React #AI #SoftwareEngineering #FullStack #Hackathon #TechCommunity