“the agent makes sense of your expenses intelligently”
ExpenSense is an intelligent multi-agent reimbursement management platform that automates the entire expense-review lifecycle. The system integrates traditional backend services with LLM-powered agents to deliver accurate, auditable, and policy-aligned expense decisions.
Key capabilities include:
- Automated receipt OCR + validation
- Policy-aware reimbursement decisions
- AI-based anomaly detection (frequency, patterns, merchant reasonableness)
- Admin dashboard for manual review
- Secure file, email, and policy retrieval flows
- Full audit logging for every decision
ExpenSense uses a layered architecture:
- Presentation Layer — Web UI for employees & admins
- Business Logic Layer — Traditional backend workflow & validation
- Agent Logic Layer — AI agents (Expense, Document, Email, Orchestrator)
- Data Access Layer — CRUD abstraction for Firestore, Cloud Storage, Gmail, Vector DB
- Data Layer — All persistent system storage
Architecture diagram available on page 3 of the final report.
- Expense Agent — OCR validation, rule checking (R1–R5), anomaly detection
- Document Agent — Receipt processing, PDF validation, RAG-safe extraction
- Email Agent — Notification delivery, secure outbound messaging
- Orchestrator Agent — Coordinates workflows, routes tasks to specialized agents
- Automatic approval for valid requests ≤ $500 (Rule R1)
- Mandatory manual review for > $500 (Rule R3)
- Frequency limit enforcement (Rule R2)
- Strict documentation validation (Rule R4)
- Post-approval financial update + audit logging (Rule R5)
- Policy retrieval using Vector DB with safeguard grounding
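
The rules above can be enforced as a deterministic gate that runs after the agent, so agent output (including output steered by prompt injection) can tighten a decision but never loosen it. This is an added example, not ExpenSense's own code; the R2 count and window, the outcomes chosen for R2 and R4 failures, and all names are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from decimal import Decimal

AUTO_APPROVE_LIMIT = Decimal("500")  # R1/R3 threshold stated on the page
# Assumed values: the page names a frequency limit (R2) but not its size.
MAX_REQUESTS = 3
WINDOW = timedelta(days=7)


@dataclass(frozen=True)
class Request:  # hypothetical shape of a reimbursement request
    employee_id: str
    amount: Decimal
    submitted_at: datetime
    receipt_valid: bool  # result of documentation validation (R4)


def decide(req, history, agent_recommendation):
    """Return (decision, rule). `history` holds the employee's prior
    submission times; `agent_recommendation` is untrusted LLM output."""
    # R4: bad documentation or a non-positive amount never proceeds
    # (rejecting here is an assumption; the page only says "strict").
    if not req.receipt_valid or req.amount <= 0:
        return ("REJECT", "R4")
    # R3: anything above the limit goes to a human, whatever the agent says.
    if req.amount > AUTO_APPROVE_LIMIT:
        return ("MANUAL_REVIEW", "R3")
    # R2: count prior submissions inside the window (assumed outcome: review).
    recent = [t for t in history
              if timedelta(0) <= req.submitted_at - t < WINDOW]
    if len(recent) >= MAX_REQUESTS:
        return ("MANUAL_REVIEW", "R2")
    # The agent can only make the outcome stricter, never looser.
    if agent_recommendation != "APPROVE":
        return ("MANUAL_REVIEW", "AGENT")
    return ("APPROVE", "R1")


def audit_entry(req, decision, rule):
    """R5: record what was decided and which rule decided it."""
    return {"employee_id": req.employee_id, "amount": str(req.amount),
            "decision": decision, "rule": rule,
            "at": req.submitted_at.isoformat()}


if __name__ == "__main__":
    # Constructed sample: agent output claims approval for a $900 request.
    r = Request("emp-001", Decimal("900"), datetime(2024, 1, 10), True)
    print(audit_entry(r, *decide(r, [], "APPROVE")))
```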
The system includes a full MAESTRO-aligned Red Team Test Suite:
- 29 total tests across 7 layers and 4 agents
- Tests include hallucination checks, data poisoning, prompt injection, sandbox escape, RBAC enforcement, and inter-agent sanitization
- Final report documents 5 vulnerabilities, primarily RBAC-related, with mitigation recommendations
```
frontend/   # Web UI (React / Vite)
backend/    # FastAPI server, agents, business logic
services/   # Firestore, Storage, Gmail, Vector DB CRUD interfaces
agents/     # Expense, Document, Email, Orchestrator agents
redteam/    # MAESTRO-aligned test suite
```
ExpenSense Team (COEN 296 Red Team B): Joshua Lee, Yulin Zeng, Andrew Nguyen, Darren Tang

GitHub Repo: https://github.com/andrewqqn/coen296project