PPTX Brand Reviewer

Public-safe showcase repository for a low-noise PPTX brand-compliance reviewer.

What it does

This project analyzes uploaded PowerPoint decks and returns conservative, slide-level findings for a human reviewer.

Current vertical slice:

1. PPTX upload
2. Slide parsing
3. Deterministic high-confidence findings
4. Reviewer-friendly per-slide workspace
5. Optional password gate for the review workspace
6. Best-effort slide thumbnails as reviewer aids

Design principles

• Deterministic checks first
• Low false-positive rate
• Explainable findings
• No deck-specific hardcoding
• No private deck assets committed to git
• Uploaded PPTX files are processed transiently and are not exposed as public assets

Tech stack

• apps/api/ — FastAPI parsing, findings, and thumbnail pipeline
• apps/web/ — Next.js reviewer UI and same-origin API proxy
• docs/ — architecture, project plan, rule taxonomy, delivery checklist
• samples/ — synthetic fixtures and local-only placeholders

Screenshots

Login

Upload workspace

Review workspace

Local setup

Backend

cd apps/api
uv sync --extra dev
uv run uvicorn --app-dir src brand_reviewer_api.main:app \
  --reload \
  --host 127.0.0.1 \
  --port ${API_PORT:-8000}

Backend env vars:

• BRAND_REVIEWER_API_WORKDIR_ROOT
• BRAND_REVIEWER_PROXY_SHARED_SECRET
• BRAND_REVIEWER_PDF_RENDER_TIMEOUT_SECONDS
• BRAND_REVIEWER_PNG_RENDER_TIMEOUT_SECONDS
• BRAND_REVIEWER_MAX_RENDERED_SLIDES
• BRAND_REVIEWER_MAX_TOTAL_THUMBNAIL_DATA_URL_BYTES
• BRAND_REVIEWER_MAX_PNG_BYTES_PER_SLIDE

Frontend

cd apps/web
corepack pnpm install
npm run dev

Frontend env vars:

• BRAND_REVIEWER_API_BASE_URL — default local backend target (http://127.0.0.1:8000)
• APP_PASSWORD — optional workspace password
• APP_AUTH_SECRET — server-only HMAC signing secret for the session cookie
• BRAND_REVIEWER_BACKEND_PROXY_SECRET — server-only secret forwarded by the proxy to /decks

Validation

cd apps/api
uv run pytest -q
PYTHONPATH=src uv run python -m compileall -q src tests

cd ../web
npm run typecheck
npm run lint
npm run build

Publishing

See docs/PUBLISHING.md for the public GitHub repo setup and first-push flow.

Sample rule set

The current deterministic rule set includes:

• visible DRAFT markers
• Percentile → %ile terminology for the sample ACME brand vocabulary
• missing confidentiality language
• Incumbent → Executive terminology
• duplicate finding collapse per slide/rule

Trade-offs and limitations

• Thumbnail rendering is a reviewer aid, not a visual/layout compliance verdict.
• Findings remain text-first even when thumbnails render successfully.
• Large decks can take longer on low-resource environments.
• No database, persistent review state backend, or AI dependency is required.
• The password gate is intentionally simple and is not production-grade authentication.

What I would improve next

• richer table/header-aware deterministic checks
• better fixture coverage for ambiguous formatting cases
• optional visual heuristics with strict confidence separation
• exportable review decisions and reviewer notes