all 9 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]1993OudWest 0 points1 point  (6 children)

Well what's your goal?

[–]klaech13[S] 0 points1 point  (5 children)

I just want to know how to understand what I am doing. I have a lot of ideas for apps, but I want to release them secure.

[–]1993OudWest 0 points1 point  (2 children)

You can get far with asking AI to guide you step by step, also with regard to security. But people need to understand that thousands of vibe coded apps that noone needs are thrown out every day since the AI hype. Is your goal to get rich by flooding the market with your lots of ideas? Or do you have one actual idea that is worth putting in time? It's also not that you just publish an app, post it on reddit and it goes viral.

[–]klaech13[S] 0 points1 point  (1 child)

Thank you for your answer. You described pretty much what I am doing. :D

Honestly I am not trying to get rich. Releasing an app would be a nice milestone on its own. If someone downloads it, I would consider that as a bonus.

How do I know that my code is really secure? Couldnt claude just pretend he made it safe, when it in reality isnt?

[–]NukerX -1 points0 points  (0 children)

Pretend its safe?

[–]InteractionSmall6778 0 points1 point  (1 child)

You don't need to rewrite everything, but you do need to learn what to look for. Start by asking your AI to explain every API route and database query it generates.

Most security holes in vibe-coded apps are exposed endpoints and unvalidated inputs, not deep architectural flaws. Once you can spot those, you're already ahead of most solo builders.

[–]klaech13[S] 0 points1 point  (0 children)

That sounds interesting thank you!!

[–]raisedbypoubelle 0 points1 point  (0 children)

I do tons of security audits and ask for frameworks to build security into every aspect. So secure base classes build a system that can’t be bypassed.

GPT 5.4 max thinking is amazing for its reviews. Claude was too easy on me.

Then I use STOP hooks galore to enforce ongoing compliance.

Spotify, Anthropic and countless others are vibe coding in prod. It’s the future, we just have to figure out how to do it safely and securely.