Overview
Diella (from Albanian diell — “sun”) is an AI system developed by AKSHI using Microsoft Azure and OpenAI technology. In September 2025, Albanian Prime Minister Edi Rama appointed Diella as Minister of State for Artificial Intelligence — making her the world’s first AI formally appointed to a cabinet-level government position. Her stated mission: “Public tenders will be 100 percent free of corruption.”
This OSINT analysis covers the technical investigation of Diella’s infrastructure, AKSHI’s digital footprint, and the security assessment conducted in January and February 2026.
Identity & Background
| Attribute | Detail |
|---|---|
| Name | Diella (from Albanian for “sun”) |
| Appearance | Female avatar in traditional Zadrimë costume |
| Voice | Albanian actress Anila Bisha |
| Role | Minister of State for Artificial Intelligence |
| Developer | AKSHI Artificial Intelligence Laboratory |
| Technology Partner | Microsoft (Azure + OpenAI LLMs) |
| Initial launch | January 2025 — virtual assistant on e-Albania |
| Cabinet appointment | September 2025 (presidential decree) |
| Mission | Anti-corruption monitoring of public procurement |
| Document access | 36,000+ government documents |
| Service integration | ~1,000 public services on e-Albania |
Infrastructure — Phase 1 (January 2026)
Primary Domains
| Domain | IP Address | ASN | Technology |
|---|---|---|---|
| e-albania.al | 134.0.39.39 | AS5576 (AKSHI) | ASP.NET, jQuery, Bootstrap |
| akshi.gov.al | 134.0.42.170 | AS5576 (AKSHI) | WordPress, nginx/1.19.10 |
| Diella Frontend | proud-coast-026495803.4.azurestaticapps.net | Azure | Vue.js 3.5 / Quasar |
Diella Frontend Analysis
The Diella AI chatbot is served as an Azure Static Web App. The 229 KB JavaScript bundle (index.0c3452c3.js) was downloaded and fully analyzed. No API keys, no backend endpoint URLs, no hardcoded credentials were found. All sensitive configuration is injected at runtime by the Azure backend.
| Finding | Result |
|---|---|
| API keys in bundle | None found |
| Backend endpoint URLs | None found (runtime-injected) |
| Hardcoded credentials | None found |
| Environment variables exposed | Style/UI variables only (non-sensitive) |
| Azure App Insights key | 40a2cf63-ce16-4617-afe4-c618d01198ef (telemetry) |
| Last-Modified date | September 15, 2025 (matches cabinet appointment) |
| Framework | Vue.js 3.5.13 / Quasar Framework (#q-app div) |
Azure Static Web App authentication endpoints responded as expected:
GET /.auth/me
{"clientPrincipal": null}
GET /.auth/login/aad
HTTP/1.1 302 Found
Location: https://login.microsoftonline.com/...AKSHI Internal Subdomain Infrastructure
AKSHI’s backend infrastructure (referenced in Diella’s configuration but served via internal DNS) was identified through certificate transparency logs:
dc-hasura.akshi.gov.al— Hasura GraphQL enginedc-keycloak.akshi.gov.al— Keycloak IAM (authentication)dc-rest.akshi.gov.al— REST API servicesdc-hapi.akshi.gov.al— hapi.js APIdc-abb.akshi.gov.al— ABB integration
All internal subdomains return no DNS resolution from the public internet, confirming proper network segmentation.
AKSHI Subdomain Enumeration
Phase 1 (January 2026): 50 Subdomains
Initial enumeration via crt.sh certificate transparency produced 50 AKSHI subdomains. Key infrastructure discovered:
| Subdomain | Purpose | Status |
|---|---|---|
| e-albania.al | Main citizen services portal | LIVE |
| eauth.akshi.gov.al | Authentication services | Internal |
| esign.akshi.gov.al | Electronic signatures | Incapsula WAF |
| eform.akshi.gov.al | Electronic forms | Default IIS page |
| code-server.akshi.gov.al | VS Code Server (dev) | Internal only |
| collabora.akshi.gov.al | Collabora Online documents | Internal only |
| dc-hasura.akshi.gov.al | Hasura GraphQL | Internal only |
| dc-keycloak.akshi.gov.al | Keycloak IAM | Internal only |
Phase 2 (February 2026): 110 Subdomains (+60 new)
A second crt.sh enumeration expanded the count from 50 to 110 subdomains. Notable additions:
jira.akshi.gov.al— Jira issue tracker (internal)rancher.akshi.gov.al— Rancher Kubernetes management (internal)wiki.akshi.gov.al— Internal wiki (internal)internal.akshi.gov.al— Internal portal (internal)test.akshi.gov.al,test2.akshi.gov.al— Test environments (internal)stats.akshi.gov.al— Statistics portal (internal)ams.akshi.gov.al— 403 Forbidden (live but blocked)
All new subdomains are internal-only or return blocking responses. No new public attack surface was discovered in Phase 2 on AKSHI’s own infrastructure.
AKSHI Security Assessment
| Target | Finding | Assessment |
|---|---|---|
| akshi.gov.al (WordPress) | REST API returns 401 for all authenticated endpoints | Hardened |
| akshi.gov.al | User enumeration disabled | Hardened |
| akshi.gov.al | WAF blocks .env, wp-config.php.bak, xmlrpc.php | Hardened |
| akshi.gov.al/readme.html | WordPress version information potentially exposed | Low risk |
| Diella frontend bundle | No credentials or API keys found | Clean |
| crt.sh subdomain visibility | 110 subdomains visible in certificate transparency | Info disclosure |
| Internal infrastructure | Keycloak, Hasura, Jira, Rancher — all internal-only | Properly segmented |
The “83 Children” Initiative
In October 2025, PM Rama announced that Diella is “pregnant” with 83 digital assistants — one for each ruling-party Member of Parliament. These AI parliamentary assistants are planned to:
- Record and transcribe all parliamentary sessions
- Take detailed notes on proceedings
- Advise MPs on how to vote on specific legislation
- Monitor legislative activities and flag inconsistencies
Expected operational date: end of 2026. If deployed, Albania’s parliament would become the most comprehensively AI-monitored legislature in the world. The same parliament whose backend API exposed every MP’s PII and 54,545 documents without authentication.
Contextual Questions
The technical security of Diella’s own infrastructure is, in isolation, competent. But the institutional context raises questions that technical audits cannot answer:
- Was Diella’s training data sourced from systems that were compromised by Iranian hackers in 2022?
- The AKSHI Director General who oversaw Diella’s development was arrested for corruption in December 2025. What decisions did she make about Diella’s access scope and data sources?
- Diella has access to 36,000+ government documents. Were any of these sourced from systems with the same security posture as the Parliament API (no authentication)?
- Who provides independent oversight of an AI system built by an agency that was itself a criminal enterprise?
An anti-corruption AI built by a corrupt agency, monitoring a parliament with an unauthenticated API, and trained on data from systems breached by a foreign intelligence service. The technical surface is hardened. Everything around it is not.
Sources
- TIME — Albania’s AI-Powered Minister Tests the Future of Government
- Wikipedia — Diella (AI system)
- Al Jazeera — Albania appoints AI bot ‘minister’ to fight corruption
- Euronews — Albania’s AI minister is ‘pregnant’ with 83 digital assistants
- EU ISS — AI Minister and EU Accession
Methodology: All infrastructure data was gathered through passive OSINT — public DNS resolution, certificate transparency (crt.sh), HTTP header inspection of public endpoints, and JavaScript bundle analysis. No authentication was bypassed. No systems were accessed beyond their public-facing web interfaces.
Research: January 25, 2026 (Phase 1) + February 25, 2026 (Phase 2) — ODINT Albania Investigation