Security Report Generator

I built this because my business’s security audit team was assembling reports by hand — shuffling between spreadsheets, docs, and markdown files, then manually formatting everything into a PDF that looked professional enough to send to clients. It worked, but it was slow, error-prone, and nobody enjoyed it. We were also using another editor that was very clunky and not user-friendly at all.

So I built a dedicated report editor. You log in, create a report, fill in the metadata (client, platform, contracts, issues with severity ratings), and the app handles the rest — auto-generating a formatted PDF with cover page, table of contents, findings, and resolution tracking. The whole thing is role-based: admins manage users and reports, editors work on what they’re assigned to, and clients get a password-protected public viewer link where they can leave comments on specific findings.

The trickiest part was PDF generation. Vercel’s serverless functions can’t run headless Chrome (250MB limit), so the whole thing runs on Railway with Puppeteer spawning as a child process. The report renders as a print-optimized page, Puppeteer screenshots it, and out comes a pixel-perfect PDF. It’s hacky in the way that actually works in production.

There’s also real-time presence (so two editors don’t clobber each other), optimistic locking on saves, a template system for client-facing messages, and a mobile-responsive public viewer that scales A4 pages down to phone screens using CSS zoom. It’s the kind of internal tool that saves 30 minutes per report, which adds up fast when you’re shipping audits every week.