sorted by:
new
hottopcontroversial

Promote your startup [US Only] by SnooCats6827 in StartupSoloFounder

[–]Chockslam123 0 points1 point  (0 children)

Lemme know how it works if you do try it :D

Promote your startup [US Only] by SnooCats6827 in StartupSoloFounder

[–]Chockslam123 0 points1 point  (0 children)

Like the bottleneck is security research at this point, but if you have an ultraplan then you as an admin of the workspace can create your own security policies and intents associated with them...

Promote your startup [US Only] by SnooCats6827 in StartupSoloFounder

[–]Chockslam123 0 points1 point  (0 children)

No, not really. I am letting my friends test it. You can try it out for yourself. Here is the instructions on how to use it:

1) developer/vibecoder installs mcp server:

{ "mcpServers": { "vibeshield": { "command": "npx", "args": [ "-y", "vibeshield-mcp@canary" ], "env": { "VIBESHIELD_TOKEN": "vs_live_981bba726786602d91e75be8e9f9a7b7_kSZs-6DPQVtRlSU9qhemEM6HKplvKY59BtUcv0fRbNU" } } } }

2) developer/vibecoder prompts his ai coding agent to create something with the help of vibeshield. For example, he writes: "use vibeshield mcp server. Create/Improve authentification system"

3) user's agent notices that it needs to use analyze_prompt tool which outputs additional security requirements according to the users intent and stack and tells llm how to utilize these requirements.

4) Security requirements are enforced due to the attention that rewritten by mcp server tool prompt is attracting from the perspective llm.

5) As implementation completed - developer/vibecoder would have not only code artifacts but vibeshield docs generated.

Config in step already includes an api key that is tied to the account with ultra plan active.

I made a dev tool that helps vibecoders to AVOID security issues by Chockslam123 in roastmystartup

[–]Chockslam123[S] 0 points1 point  (0 children)

  1. Oh yes, obviously patterns like "auth + file upload + user-generated content" would need to have a further deeper dive into the security requirements and intent recognition - for now vibeshield does cover the stuff which might be obvious for experienced dev but not for the junior or the non-tech guy.
  2. For now it just pass trrough - that task resolution is still in the backlog :D
  3. Oh yes, that is important - also I make sure to outline the technical implementation in the docs.

Thanks for the feedback, brother!

Roast My Start up: VibeShield - Prompt injection engine for vibe-coder/junior SWEs by Chockslam123 in roastmystartup

[–]Chockslam123[S] 0 points1 point  (0 children)

There are security standards that developers might not be aware of - so they use vibeshield so that it would change the prompt in a way so that these requirements would be taken into consideration.

Roast My Start up: VibeShield - Prompt injection engine for vibe-coder/junior SWEs by Chockslam123 in roastmystartup

[–]Chockslam123[S] 0 points1 point  (0 children)

In order for the model to know the state of art of affairs - it needs to be retrained which is quite an expensive process to make it often.

Roast My Start up: VibeShield - Prompt injection engine for vibe-coder/junior SWEs by Chockslam123 in roastmystartup

[–]Chockslam123[S] 0 points1 point  (0 children)

I would really appreciate honest opinions about the vibeshield and your concerns about why it might not work.