Most vehicle-service apps optimise for distance and price. VSBS optimises for customer wellbeing — safety, stress, transparency, trust — and treats the service-advisor job as a fully autonomous agentic workflow you can click through on a slow phone with zero human operators in the loop.

It composes six things that nobody usually ships together:

1. A LangGraph supervisor with a verifier chain on every tool call.
2. A provider-agnostic LLM layer that runs on free-tier Gemini, production Vertex Claude, OpenAI, Anthropic direct, or a scripted sim driver with zero API keys.
3. A deterministic sensor simulator with Kalman fusion and SOTIF-aligned fault-vs-sensor-failure arbitration.
4. A prognostic health state machine per ISO 13374 that refuses autonomous operation when a tier-1 safety-critical sensor is dead.
5. A DPDP-2025-native append-only consent log with evidence hashes and a 72-hour breach runbook.
6. A post-quantum hybrid envelope for long-lived secrets using Cloud KMS ML-KEM-768 + X25519.

Every architectural decision is traceable to peer-reviewed research or a published standard. See docs/research/ for the citation trail and docs/defensive-publication.md for the prior-art filing.

Prerequisites: Node 22+, pnpm 9+, Bun 1.2+. Nothing else.

# 1. Clone + install
git clone https://github.com/divyamohan1993/vsbs.git
cd vsbs
pnpm install --ignore-scripts

# 2. Build the library packages
pnpm run build:libs

# 3. Prove the baseline is green
pnpm -r typecheck    # 6/6 packages clean
pnpm -r test         # 125 tests passing
pnpm run build       # full repo build

# 4. Boot the API in sim mode (zero API keys needed)
cd apps/api
LLM_PROFILE=sim PORT=8787 bun src/server.ts &

# 5. Watch a real autonomous booking turn
curl -sN -X POST http://localhost:8787/v1/concierge/turn \
  -H 'content-type: application/json' \
  -d '{"conversationId":"demo","userMessage":"My 2024 Honda Civic is grinding when I brake"}'

You should see a live SSE trace — tool-call → verifier → tool-result → delta → final — with the deterministic safety and wellbeing engines returning real results, driven by a LangGraph supervisor, through a provider-agnostic LLM layer, on zero external API calls.

Flip LLM_PROFILE=demo + set GOOGLE_AI_STUDIO_API_KEY and the exact same transcript runs on Gemini 2.5 Flash-Lite. Flip to prod and it runs on Claude Opus 4.6 via Vertex AI. One env var. No code change.

flowchart TB
  subgraph browser["apps/web · Next.js 16 + React 19"]
    Home["/"] --> Book["/book wizard"]
    Book -->|"Confirm"| Concierge["Concierge runner · live SSE"]
    Concierge --> Status["/status/:id ticker"]
    Status --> Autonomy["/autonomy/:id dashboard"]
  end

  subgraph proxy["apps/web/api/proxy · CSP self-only bridge"]
    ProxyRoute["strips headers · streams body"]
  end

  browser -- "/api/proxy/*" --> ProxyRoute

  subgraph api["apps/api · Hono on Bun on Cloud Run"]
    MW["defense-in-depth middleware"]
    Routes["/v1/* routes"]
    MW --> Routes
  end

  ProxyRoute -- "/v1/*" --> MW

  subgraph agents["packages/agents · LangGraph supervisor"]
    Supervisor["concierge supervisor"]
    Verifier["verifier chain"]
    Tools["tool registry · 10 Zod-validated tools"]
    Memory["Mem0 pattern memory"]
    Supervisor --> Verifier
    Verifier --> Tools
    Tools --> Supervisor
    Supervisor -.-> Memory
  end

  Routes -- "SSE concierge/turn" --> agents
  Tools -- "real HTTP back into" --> Routes

  subgraph llm["packages/llm · provider-agnostic"]
    Registry["LlmRegistry · role-keyed"]
    SimP["scripted · zero keys"]
    GAI["google-ai-studio"]
    VG["vertex-gemini"]
    VC["vertex-claude"]
    Anth["anthropic"]
    OAI["openai"]
    Registry --> SimP
    Registry --> GAI
    Registry --> VG
    Registry --> VC
    Registry --> Anth
    Registry --> OAI
  end

  agents --> Registry

  subgraph shared["packages/shared · Zod contracts"]
    Intake["intake schema"]
    Safety["safety red-flags"]
    Wellbeing["wellbeing composite"]
    PHM["PHM state machine"]
    Grant["CommandGrant model"]
    Payment["payment state machine"]
  end

  Routes --> shared
  agents --> shared

  subgraph sensors["packages/sensors"]
    Kalman["Kalman fusion"]
    Sim["fault-injected simulator"]
    RUL["physics-of-failure RUL"]
  end

  Routes --> sensors

Read in this order: docs/architecture.md → STACK.md → docs/research/agentic.md → docs/research/autonomy.md → docs/research/prognostics.md → docs/gap-audit.md.

sequenceDiagram
    autonumber
    participant U as Owner
    participant W as apps/web
    participant A as apps/api
    participant L as LangGraph supervisor
    participant V as Verifier (cheap model)
    participant S as Safety + Wellbeing engines
    participant P as Payments adapter (sim or live)

    U->>W: fills booking wizard · OTP · VIN · symptoms
    W->>A: GET /v1/vin/:vin (real NHTSA)
    W->>A: POST /v1/safety/assess
    A-->>W: severity + rationale
    U->>W: click Confirm
    W->>A: POST /v1/concierge/turn (SSE)
    A->>L: runTurn(state, userMessage)
    loop each tool call
      L->>V: is this tool call grounded?
      V-->>L: yes · reason
      L->>S: assessSafety / scoreWellbeing
      S-->>L: deterministic result
      L-->>A: tool-call · verifier · tool-result events
      A-->>W: SSE frames
    end
    L-->>A: final assistant message
    A-->>W: SSE final + end
    W-->>U: streamed trace + recommendation card
    U->>W: approve cost and commit
    W->>A: POST /v1/payments/orders (idempotent)
    A->>P: order-created → intent → authorised → captured → settled
    P-->>A: webhook events (same bus in sim and live)
    A-->>W: settled

Every arrow is real code you can read today. Every sim path implements the identical state machine as its live counterpart, per docs/simulation-policy.md.

.
├── apps
│   ├── api          Hono on Bun · defense-in-depth middleware · 12 route groups · 35 tests
│   └── web          Next.js 16 · booking wizard · live concierge · autonomy dashboard · consent
├── packages
│   ├── shared       Zod schemas · safety · wellbeing · autonomy · PHM · payment state machine
│   ├── sensors      Kalman fusion · simulator with fault injection · RUL models
│   ├── llm          Provider-agnostic LLM · 6 providers · sim / demo / prod profiles
│   └── agents       LangGraph supervisor · verifier chain · Mem0 memory · 10 VSBS tools
├── infra
│   └── terraform    GCP baseline · Cloud Run · Firestore · Secret Manager · IAM
├── docs
│   ├── research          8 cited research documents · the spine of every decision
│   ├── compliance        DPIA · FRIA · AI risk register · breach runbook · retention
│   ├── architecture.md   Synthesis
│   ├── roadmap-prod-deploy.md   93-item build list through Phase 12
│   ├── simulation-policy.md     Sim + live share the state machine · one toggle
│   ├── defensive-publication.md Prior art for 12 inventive concepts · dated 2026-04-15
│   └── gap-audit.md             Honest what-is-real vs what-is-partial inventory
├── .github           Issue + PR templates · CODEOWNERS · dependabot · CI
├── CLAUDE.md         Project brief for any fresh Claude session that opens this repo
├── CONTRIBUTING.md   How to contribute without bouncing
├── SECURITY.md       Vulnerability disclosure policy
├── SUPPORT.md        How to ask questions that land
├── STACK.md          Exact versioned stack choices with justification
├── CHANGELOG.md      Keep a Changelog format
├── CITATION.cff      Academic citation metadata
├── LICENSE           Apache 2.0
└── NOTICE            Attribution framed as an adopter benefit

VSBS is L4 within a defined operational design domain for the service-advisor job, and L0-through-tier-A-AVP for the driving portion — depending on what the vehicle itself actually supports. It never fakes a capability the car does not have.

Read the honest accounting in docs/gap-audit.md and the tiered-autonomy reality check in docs/research/autonomy.md §1.

Every claim VSBS makes about architecture, safety, wellbeing, autonomy, prognostics, and agentic AI is grounded in a cited source. The research corpus lives at docs/research/:

Plus docs/research/addendum-2026-04-15.md with the deltas that landed when parallel specialist agents re-audited the corpus.

VSBS ships a full compliance pack at docs/compliance/:

• dpia.md — DPDP Rules 2025 + GDPR Art. 35 Data Protection Impact Assessment.
• fria.md — EU AI Act Art. 27 Fundamental Rights Impact Assessment, 10-row go/no-go table.
• ai-risk-register.md — 18 rows mapped to NIST AI RMF 1.0 + OWASP GenAI Top 10 2025, every row citing a concrete source file.
• consent-notices/README.md — Consent notice versioning index with a mermaid lifecycle.
• breach-runbook.md — 72-hour DPDP Rule 7 breach notification playbook.
• retention.md — Per-purpose retention schedule matching ConsentPurposeSchema.

None of this is legal advice. It is a starting point that is more complete than what most projects ship on day one.

VSBS maintains three overlapping verification layers.

Unit tests — 125 passing across 12 files

packages/shared : 73 tests (6 files)   safety, wellbeing, autonomy, phm, payment, vehicle
packages/sensors: 17 tests (2 files)   Kalman fusion, RUL models
apps/api        : 35 tests (4 files)   payment state machine, Razorpay sim, OTP, security middleware

Smoke tests — 25 live HTTP probes

healthz · readyz · llm config · vin (real NHTSA) · safety green + red · wellbeing · otp demo + verify
autonomy eligible + refused · order + intent + authorise + settled · idempotency · validation envelope
404 envelope · HSTS · CSP · nosniff · referrer policy · request-id · rate-limit headers

Live concierge run

curl -sN -X POST http://localhost:8787/v1/concierge/turn \
  -H 'content-type: application/json' \
  -d '{"conversationId":"demo","userMessage":"..."}'

Produces a real tool-call → verifier → tool-result → delta → final → end SSE trace with the deterministic safety and wellbeing engines returning real results.

CI runs all three on every PR. See .github/workflows/ci.yml.

For every external dependency with a _MODE toggle, the sim and live drivers implement the identical state machine and behaviour. Promotion is a single environment-variable flip. No code path changes. No behaviour changes. No "cleanup pass before going live."

This is the load-bearing rule that lets VSBS run a full booking end-to-end with zero API keys while being structurally ready for production. Read docs/simulation-policy.md for the full discipline and the subsystems it applies to.

Under Apache 2.0 plus public disclosure, docs/defensive-publication.md establishes twelve inventive concepts as prior art under 35 U.S.C. §102, EPC Art. 54, and Indian Patents Act §13, dated 2026-04-15. Any later patent filing reading on these concepts is invalidated by this publication.

Phase 1 is complete. The full 93-item build list through Phase 12 is at docs/roadmap-prod-deploy.md. Next pending blocks:

1. Phase 2 — Real Smartcar adapter, EKF / UKF for multi-state channels, command-grant signing with passkeys and ML-DSA-65, Mercedes/Bosch AVP adapter.
2. Phase 3 — AlloyDB + pgvector + Vertex Vector Search for the repair knowledge graph.
3. Phase 4 — Dual-region India + US deployment.
4. Phase 5-7 — DPDP consent manager integration, zero-trust hardening, full observability.

We review PRs that cite a paper, a standard, or a concrete production use-case. We reject PRs that weaken a safety invariant, add unjustified dependencies, or introduce placeholders. Full rules at CONTRIBUTING.md. Security findings at SECURITY.md. Community questions at SUPPORT.md.

Licensed under the Apache License, Version 2.0. See LICENSE and NOTICE. Short version for adopters:

• You can use, modify, ship, white-label, commercialise, and integrate this in any product. No royalty. No permission needed.
• You must keep the LICENSE and NOTICE in any redistribution. The NOTICE is short and is framed as a benefit to you: research pedigree, standards trail, open partnership channel, patent safety.
• Trademarks are not granted. Pick your own product name.
• No warranty. You own your deployment's DPIA, FRIA, and regulatory approvals.

Copyright © 2026 Divya Mohan (dmj.one). Partnerships and OEM integration: [email protected].