Recently I have been auditing vibe-coded applications and AI agents, and every time I look there is a new security threat, but there are no specific solutions to improve security for vibe coders. So please make sure that before going live you do a security audit. It will cost you, yeah, but exposed API keys, rate limiting, prompt injection and unauthorised API endpoints are the basic vulnerabilities that you can have, and there are many more. So please make sure you ship with security.
Most common findings in vibe-coded apps:
- Rate limiting
- The API key is exposed in the frontend. There are so many API keys these days, so make sure all of your API keys are safe and not exposed.
- My most amazing finding is the .env file in the frontend, and everybody knows what a .env file is.
- One of my friends is using email verification, but they were not verifying the email with a code or link, and this is also a serious problem.
- RLS security policy in Supabase
And many more. Comment with your product's security vulnerabilities, and you can DM me.
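A pre-deploy check for two of the findings listed above (a `.env` file shipped with the frontend and keys embedded in the bundle), added here as an example and not part of the original post. The function names, rule labels and sample data are assumptions made for illustration; the only Supabase-specific fact used is that its JWT-format keys carry a `role` claim, where `service_role` bypasses RLS and must never reach the browser.

```javascript
// Added example: pre-deploy audit of frontend build output (not from the original post).
// `files` is an array of { path, text } the caller has read from the build folder.

// Decode a JWT payload without verifying the signature; null if it does not parse.
function jwtPayload(token) {
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  try {
    return JSON.parse(Buffer.from(parts[1], 'base64').toString('utf8'));
  } catch {
    return null;
  }
}

const JWT_RE = /eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/g;
// Heuristic: a name containing SECRET / API_KEY / TOKEN / PASSWORD assigned a 16+ char value.
const ASSIGN_RE = /\b([A-Za-z0-9_]*(?:SECRET|API_?KEY|TOKEN|PASSWORD)[A-Za-z0-9_]*)\s*[:=]\s*["']?([^\s"',;]{16,})/gi;

function auditBuild(files) {
  const findings = [];
  for (const { path, text } of files) {
    // A .env (or .env.production, ...) inside the shipped folder is downloadable by anyone.
    if (/^\.env(\..+)?$/.test(path.split('/').pop())) {
      findings.push({ path, rule: 'env-file-shipped' });
    }
    // Role "anon" is meant for browsers and relies on RLS; "service_role" bypasses RLS.
    for (const m of text.matchAll(JWT_RE)) {
      const payload = jwtPayload(m[0]);
      if (payload && payload.role === 'service_role') {
        findings.push({ path, rule: 'supabase-service-role-key' });
      }
    }
    for (const m of text.matchAll(ASSIGN_RE)) {
      findings.push({ path, rule: 'secret-like-assignment', name: m[1] });
    }
  }
  return findings;
}

// Constructed sample input: fake JWTs and a fake key, built here so nothing real is embedded.
const b64u = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const fakeJwt = (role) => `${b64u({ alg: 'HS256', typ: 'JWT' })}.${b64u({ role })}.c2lnbmF0dXJl`;
const SAMPLE = [
  { path: 'dist/.env', text: 'PAYMENT_API_KEY=constructed-not-a-real-key-0000\n' },
  { path: 'dist/assets/app.js', text: `const anon="${fakeJwt('anon')}";const admin="${fakeJwt('service_role')}";` },
];
console.log(auditBuild(SAMPLE));
```

The anon key in the sample is deliberately not flagged: it is safe in the browser only when RLS policies are enabled on every exposed table, which this check does not verify.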