Work / Bharat-First / Astha ResumeAI
Capstone · Cybersecurity · 3-in-1 PWAFirst-generation Indian job seekers fight three different walls: a form they cannot fill, a gatekeeper they cannot reach, and a screen they cannot see. Astha ResumeAI knocks down all three from one browser tab. Conversational. Multilingual. Cryptographically signed. No resume data ever leaves the device.
01 · Candidate side
A slot-filling chatbot that builds your resume by talking. Hindi, Hinglish, Tamil, Telugu, Kannada, Bengali, Marathi, Gujarati, Punjabi. Voice in. PDF out.
02 · Trust layer
The employer publishes criteria. The candidate self-assesses, then takes an adaptive test. The scorecard is HMAC-SHA256 signed on a Cloud Function. Resume claim, verified score, gap.
03 · Employer side
Upload resumes and a JD. Nine agents fan out as a Kahn-sorted DAG: parse, embed, match, distance, score, coach. Every weight is cited to peer-reviewed research.
Act I · The Problem
Sixty percent of Indian job seekers are not comfortable in English or Hindi. The resume builder asks for "tenure" and the candidate closes the tab. Most "AI for resumes" stops existing the moment the script changes from Latin.
"Proficient in Python" reads the same on a brilliant CV and a fabricated one. The employer cannot tell. The honest candidate gets sorted with the inflated one. The trust gap is the resume's biggest lie.
A keyword-counting filter rejects the candidate without explanation. The recruiter never sees the resume. The candidate never learns what to fix. A shipped product on both sides has to show its work.
Most resume tools upload the document to a vendor cloud. The candidate's name, address, phone, college roll number and salary history sit in someone else's logs. For a first-gen seeker, that is the whole house.
Act II · The Promise
No forms. No fields. The candidate speaks. Saathi listens to a one-word answer, reads its own last question for context, and slots the data into the right of 23 buckets. Gemma 3 27b on the front, Gemini 2.5 Flash as backup. Pure LLM. Zero regex.
Saathiphase: education
Where did you study? Just the city is fine if the college name slips your mind.
Candidate · Solan, HPvoice input
शिमला
"Shimla."
Saathislot.education.location ✓
Got it, Shimla. Which course, and what year did you finish? You can answer in any language you like.
Candidatehinglish
BCom from HPU, 2024 mein finish hua.
Saathislot.education.degree, year, institution ✓
B.Com, HPU, 2024. Saved. We have eleven slots left. Tell me about something you built or organised at college that you are proud of.
Act III · The Cascade
The phone decides what it can do. Old phone with no GPU? L1 and L2 still work in WASM. Mid phone with WebGPU? L3 unlocks Gemma 4 in the browser. Offline? The pipeline keeps grading. Online and L3 cannot load? Only then does the resume's hashed embedding go to L4. The resume itself stays put.
L1 any device
Section detection, entity extraction, Jaccard plus TF-IDF scoring, parseability gate. Hard rule: if a resume is missing 3 of 4 expected sections, the final score is zero.
0 MB
L2 WASM
384-dimensional sentence vectors via ONNX runtime. Cosine similarity for skills, projects and experience. Quantised to Q8 so it loads on a mid-range Android in under three seconds.
~67 MB
L3 WebGPU
Q4 quantised reasoning model via Transformers.js. Runs the Henle et al. fraud taxonomy: fabrication, embellishment, omission. Project quality scored against the AAC&U VALUE rubric.
~1.5 GB
L4 cloud · last resort
Only if L3 cannot load and a key is configured. Structured JSON output. Native PDF understanding. The fallback exists so the system never returns a worse answer than the tier above it could.
network · graceful
Act IV · The Pipeline
Every employer screen is a Kahn-sorted DAG. Independent nodes run in parallel. Downstream nodes wait. Every agent records a thought-action-observation triple with timing, so the recruiter sees why the score landed where it did.
Act V · The Trust Layer
Bridge does not interrupt the candidate. It does not flash a warning. It just measures. Twelve signals in parallel, three audio layers, and one HMAC-SHA256 signed scorecard at the end. The employer reads a number they can trust. The candidate is never accused without evidence.
| Signal | How it fires | Penalty |
|---|---|---|
| Tab switch | visibilitychange listener | −5 |
| Paste detection | paste event on the test area | −8 |
| Fullscreen exit | fullscreenchange listener | −3 |
| Speed anomaly | answer time below 0.3 of expected read time | −10 |
| Compound anomaly | speed anomaly with a tab hidden in the last 10 s | −15 |
| Speech burst | 2 to 5 s of detected speech | −1 |
| Conversation | three or more bursts in 30 s | −5 |
| Continuous speech | more than 10 s of continuous speech | −8 |
| Whisper | low-energy speech detection | −6 |
| Speech with tab switch | speech within 5 s of a tab switch | −12 |
| Resume pinning | SHA-256 hash plus n-gram Jaccard change detection | blocks retest |
| Device fingerprint | 11 hardware signals · GPU, audio, screen, CPU, memory · hashed | one identity per device |
Audio · 01
FFT energy distribution in the 300 to 3400 Hz speech band. Catches a quiet voice the room does not.
Audio · 02
Syllabic modulation in the 3 to 8 Hz window via zero-crossing rate. Speech rhythm has a fingerprint.
Audio · 03
Rolling 60 s baseline that recalibrates from non-speech samples. Quiet rooms and noisy rooms grade fairly. Zero audio is ever stored.
Act VI · The Offer
Astha computes a 0 to 100 wellbeing score for any job offer, weighted across eight research-cited parameters and tuned for 32 Indian cities. Real salary is cost-of-living adjusted. Commute uses non-linear piecewise decay. Relocation costs the candidate 10 points by default, per Gallup community wellbeing.
| Parameter | Weight | Source |
|---|---|---|
| Commute | 25% | Clark et al. 2020 · Stutzer & Frey 2008 |
| Work hours | 20% | WHO/ILO Pega 2021 |
| Work mode | 15% | Bloom et al. 2024 (Nature) |
| Real salary, CoL adjusted | 15% | Gallup Five Elements |
| Air quality, PM2.5 | 10% | Graff Zivin & Neidell, IZA |
| Industry stability | 5% | NASSCOM/Aon 2024 |
| Heat stress, WBGT | 5% | Nature Sci Reports 2026 |
| Commute cost | 5% | ORF India |
Act VII · Proof
Live · astha-capstone.dmj.one
Vercel auto-deploys from main on every push. Custom domain plus three Vercel aliases. Loads on a 2G connection, works through a service worker when the network drops.
Privacy · 0 bytes
Every L1, L2 and L3 inference runs in the browser. L4 sends a hashed embedding only as a last resort, only with explicit consent, only when L3 cannot load.
Trust · HMAC-SHA256
Per-criteria 32-byte signing secret, generated server-side. The Cloud Function signs the canonical JSON. The employer verifies. The candidate cannot inflate.
Quality · 516 tests
React Testing Library 16.3, Vitest 3.1. Strict TypeScript build on every commit. Lint passes on every PR. The capstone ships like a product, not a homework set.
A11y · WCAG 2.2 AAA
Skip links on every page. Three-pixel solid focus indicators. ARIA live regions. Reduced-motion respected. 44 px touch targets. Print stylesheet for the resume preview.
Security · HSTS 2 yr · preload
CSP in and in the Vercel config. X-Frame-Options DENY. Permissions-Policy denies camera, payment, USB. Anonymous Firebase auth with device-to-email mapping.
The Stack
I mentor capstone teams to build production-grade AI products that respect the user's data, the user's language, and the user's phone. The repository is MIT. The pattern is portable. The conversation starts here.