VibeAudits
Blog/Case Studies/From Replit MVP to Production-Ready AI SaaS Platform
Case Study
July 10, 2025
5 min read

From Replit MVP to Production-Ready AI SaaS Platform

A comprehensive analysis of our security audit process and the results achieved for our client.

From Replit MVP to Production-Ready AI SaaS Platform

Overview

RiskAssist is an AI-powered platform that enables organizations to auto-generate, edit, and manage internal policy documents such as privacy policies, terms & conditions, and compliance frameworks. It leverages advanced LLMs, tool calling, and vector search to make policy creation smarter, faster, and editable.

But the product didn’t begin this way.

Phase 1: Initial State

The original version of RiskAssist was a lightweight MVP built entirely on Replit with almost no architecture or production readiness.

Prototype Limitations:

  • No authentication or access control
  • No database — used localStorage only
  • One static prompt hardcoded in a form
  • No backend APIs or data handling
  • No modular structure — all-in-one frontend code
  • AI lacked prompt engineering or tool calling
  • No UI design system — visually broken and unresponsive
  • No version control, deployments, or environments

While the concept had promise, the product was unscalable, insecure, and far from production-grade.

Phase 2: Assessment

We conducted a complete technical audit to identify gaps and plan a rebuild from scratch. The assessment phase involved:

  • Mapping missing features: backend, auth, storage, RAG, AI flexibility
  • Reviewing OpenAI integration and identifying limits of static prompting
  • Benchmarking frontend usability and state handling
  • Defining technical goals: modular, secure, scalable, and editable AI

We aligned with the product vision and drafted a multi-phase implementation roadmap.

Phase 3: Implementation

We rebuilt the entire product using a modern, scalable tech stack optimized for AI applications.

AI Layer

  • Integrated Vercel AI SDK for managing prompt flows and OpenAI tool calling
  • Added dynamic prompt injection: company name, user inputs, and context
  • Built fallback flows, error handling, and token limit guards
  • Enabled editing and revision of AI output via prompt chaining

Vector Database & Retrieval

  • Embedded industry-standard compliance frameworks into Upstash Vector DB
  • Added semantic search and Retrieval-Augmented Generation (RAG) for grounded AI responses
  • Linked generated policies to context from these documents

Policy Editing and Document Handling

  • Integrated BlockNote markdown editor for rich, editable AI documents
  • Users can regenerate parts of the document with inline AI prompts
  • Enabled PDF uploads for existing policies → transformed into editable form

Auth, API, and Storage

  • Used Next.js for frontend + serverless API routes
  • Set up Clerk for authentication and session-based access control
  • Modeled relational data with Prisma ORM and PostgreSQL
  • Built RESTful APIs for policy management, file uploads, and user actions

Billing & Monetization

  • Added credit-based pricing system: AI usage (generate/edit) consumes credits
  • Integrated Stripe for secure payments and credit top-ups
  • Admin controls and dashboard track usage, limits, and billing history

DevOps and CI/CD

  • Set up GitHub version control, PR flow, and CI/CD with GitHub Actions
  • Used Vercel for hosting, preview environments, and production deployments
  • Configured staging and production with environment-specific secrets

Phase 4: After State

The final version of RiskAssist is a secure, full-featured SaaS platform ready for real users and investors.

Key Features:

  • Full AI policy generation with prompt memory and retrieval grounding
  • Rich editing interface using markdown with inline AI prompts
  • User dashboard to view, manage, and update all policy documents
  • Upload existing PDFs and turn them into editable policies
  • Responsive, intuitive UI built with TailwindCSS
  • Secure login and multi-user support with Clerk
  • Stripe billing system and real-time credit tracking
  • Robust backend with Prisma, PostgreSQL, and modular APIs
  • CI/CD for automated deployments, previews, and rollbacks

Phase 5: Verification

We completed multiple rounds of verification before launch:

  • Manual QA + automated API tests
  • Role-based access testing with multiple user types
  • Vector DB performance + RAG accuracy checks
  • Prompt performance and fallback testing
  • CI/CD with preview builds and staging/production isolation

The platform was validated across both technical and business metrics for reliability and scale.

Outcome

In just four weeks of focused engineering, RiskAssist was transformed into a production-grade AI SaaS product:

  • AI-generated policies grounded in real documents
  • Editable content with markdown-based UX
  • Upload existing policies and edit on the fly
  • Full user auth, session management, and role control
  • Usage-based credit billing with Stripe
  • Scalable infrastructure deployed with CI/CD

The platform is now demo-ready for legal teams, enterprise clients, and investors.

Final Thoughts

RiskAssist began as a vision coded into a Replit prototype — no backend, no auth, and no persistence. It relied on a single prompt and localStorage. The potential was clear, but the execution was fragile.

Through a full rebuild, Axentia turned the product into a robust, editable, AI-first SaaS solution. This transformation included vector-based AI grounding, tool-calling, modular APIs, CI/CD pipelines, and a live billing model.

This case study shows how the right technical execution — with the right tools and strategy — can elevate a messy MVP into a monetizable product ready for the market.