Practical guides for finding and fixing security flaws in AI-generated apps.

Mozilla Observatory and SecurityHeaders.com grade response headers. Vibecheck reads the JavaScript bundle: it pulls Supabase JWTs and decodes them, finds OAuth authorize URLs and inspects parameters, fingerprints Service Worker registrations, locates LLM prompt templates left in client code, and checks whether importScripts calls cross trust boundaries.

The complete map. Where AI app builders fail in four predictable ways, what real breaches look like, and the five-stage workflow to ship without leaking.

Eight RLS patterns covering ~95% of what vibe-coded apps need: per-user ownership, public-readable, tenant-scoped, profile, member-of-conversation, soft-delete, append-only audit log, visibility levels. With actual policy SQL, the WITH CHECK gotcha, performance pitfalls, and a testing strategy.

Four AI app builders compared on what they ship by default — hosting model, RLS, secrets handling, sourcemaps, CI. The matrix that tells you which one to reach for and what extra work each one demands.

The textbook vibe-coded breach. RLS never enabled, anon key in the bundle, every table publicly readable. A forensic timeline from launch tweet to data dump, plus the four lines of SQL that would have prevented it.

If service_role appears in your client JS, every visitor can bypass Row-Level Security entirely. The four-step response: revoke, rotate, audit, prevent.

20% of Lovable-built orgs had public DB misconfigurations. 10.3% had critical RLS failures. The audit Lovable does not ship — eight items with exact commands to test each one.

Bolt ships full-stack apps in WebContainers in minutes. Seven specific failures that show up in Bolt-built apps — env vars in src/, sourcemaps in production, generated CORS holes, exposed dev routes — and how to fix each one.

Unlike Lovable and Bolt, v0 doesn't host your app. It generates Next.js code you paste into your repo. The risk is what makes it through your review — six patterns to catch what v0 ships you.

Replit Agent ships full-stack apps fastest because it owns the entire stack. That breadth is also why the security surface is biggest. Six checks to run before flipping from private to public.

Convex doesn't have Row-Level Security. Every query and mutation must enforce auth at the function level. Six concrete things to check in any Convex app.

Appwrite has rich collection-level permissions but they're permissive by default. Six checks: read/write permissions, document rules, attribute exposure, function auth, storage buckets.

Pocketbase's default rules are blank — which means open. Six checks for any self-hosted Pocketbase deployment, from collection rules to admin UI exposure.

Firebase test-mode rules grant public access for 30 days — apps regularly ship before the timer fires. Six checks across Realtime Database, Firestore, Storage, Auth, App Check, and the client config — with the exact rule blocks to copy.

If sk_live_ is in your JavaScript, every visitor can issue refunds, drain customers, and pull payment methods. Five-step response: roll, verify, audit, file, prevent.

If sk- or sk-ant- shows up in your bundle, every visitor can drain your API budget. Five-step response: rotate, scope (restricted keys / Workspaces), audit usage anomalies, find every commit and CI log, prevent the next one with a server proxy.

JWTs with alg: "none", no exp claim, multi-month expiration, hardcoded admin tokens, stale test fixtures. Five patterns vibecheck flags in client bundles — with the exact jose / jsonwebtoken verifier code to copy.

Stripe whsec_, GitHub webhook secrets, Slack signing secrets, generic WEBHOOK_SECRET strings. When they leak, attackers forge any event your handler accepts. Provider-by-provider rotation walkthroughs.

The "echo the Origin header" pattern + Allow-Credentials: true = one-step path to cross-origin theft. Five patterns vibecheck flags via active probing, with the exact cors middleware config to copy.

'unsafe-inline', 'unsafe-eval', wildcard script-src, data: in script-src, missing default-src, Report-Only forever. Six CSP weaknesses vibecheck flags, why each is exploitable, and the strict-CSP recipe that replaces them.

Every deploy ends with a smoke that runs vibecheck against vibecheck. Current self-scan: grade D, one accepted CSP finding (with the trade-off documented), every other detector clean. The smoke gate prevents the D from quietly becoming an F.

When you actually need service_role, where it lives, the per-request authorization layer that prevents every caller from getting admin, and how to log every privileged operation. The piece between "leaked service_role" and "don't use service_role at all".

Three minutes of an attacker's time and your src/ is on their disk — comments, dead code, and committed secrets included. Per-bundler config fixes for Vite, Next.js, webpack, esbuild, Rollup. The three legitimate reasons to ship maps anyway.

SameSite=Lax blocks most CSRF — but state-changing GETs slip through, === token comparison is timing-attackable, parent-domain cookies cross subdomain takeovers, bearer-token auth (Supabase, Firebase) sidesteps CSRF but creates XSS-amplification problems, and JSON endpoints with permissive content-type checks accept cross-site form posts. Five edge cases.