Blog
Security guides for vibe coders
Practical security guides for apps built with AI coding tools. Find vulnerabilities, understand why they happen, and fix them.
Automate Security Scans with the VibeSafe GitHub Action
Add VibeSafe to your CI/CD pipeline with a single GitHub Action. Scan every deploy for security vulnerabilities and get results as PR comments.
Your Supabase Service Key Is Exposed in the Browser — Here's How to Fix It
AI coding tools like Lovable and Bolt often leak your Supabase service_role key into client-side JavaScript. Learn how to detect and fix this critical vulnerability.
Security Checklist for Apps Built with Cursor
A practical security checklist for developers using Cursor AI to build web apps. Covers API keys, auth, headers, CORS, and common AI-generated vulnerabilities.
5 Security Risks Every Vibe Coder Should Know
Vibe coding with AI tools like Cursor, Bolt, and Lovable is fast — but it creates predictable security vulnerabilities. Here are the top 5 risks and how to fix each one.
How to Add Security Headers to Your Next.js App
A complete guide to adding Content-Security-Policy, HSTS, X-Frame-Options, and other security headers to Next.js apps deployed on Vercel, Netlify, or Railway.
Security Guide for Lovable and Bolt Apps
Lovable and Bolt ship fast but create predictable security holes. This guide covers the most common vulnerabilities and step-by-step fixes for each one.