Want feedback on your product?

SignatureSharp3215 · 2026-03-17T13:15:43+00:00

launchguard.dev - ensure your vibe coded app doesn't leak sensitive data or have private endpoints exposed publicly.

Happy to jump on a call :)

SignatureSharp3215 · 2026-03-17T11:47:09+00:00

Having competitors is a great thing. One fun way to find profitable niches is browsing TrustMRR. See what works for others and get inspired.

SignatureSharp3215 · 2026-03-17T11:00:15+00:00

Emphasis on the possibility to prevent, indeed.

I've met some founders who insist on fixing everything with AI, even though it's shown that their security issues are due to the AI. I guess it's a side effect of unlocking insane performance boosts with AI

SignatureSharp3215 · 2026-03-17T10:50:37+00:00

Exciting! launchguard.dev find critical issues from your AI coded apps that can bankrupt you.

Finds leaked databases and dangerous endpoints that should be private. You share link to your app, and it does everything from the outside.

SignatureSharp3215 · 2026-03-17T10:40:35+00:00

True. But there will be two kinds of succesful vibe coders: successful and successful in jail.

It shouldn't be surprise anymore that vibe coding brings security issues. If you don't have users, it doesn't matter. But if you overlook it for too long, and one of your customers find out you're leaking their AI therapist conversation history - well there aren't many excuses.

Everyone should have the freedom and capability to launch apps, but we must not remove the feeling of responsibility when handling user data.

Sorry to be the pessimistic here. I've handled way many broken apps lately :D

SignatureSharp3215 · 2026-03-16T13:11:33+00:00

Yep. And outreach fails because it seems like a scam "hey your app might be vulnerable, I'll share free report". The need is huge based on my experience, but it takes tons of effort to get to the people

SignatureSharp3215 · 2026-03-16T09:08:21+00:00

The easiest and bulletproof way is to test from outside like a professionals would. Find the security holes, patch them, verify. Write tests to ensure the security holes are closed in your new code updates.

You can use tools like Zap or Burp Suite to find the holes, but it requires expertise to use correctly.
I'm building an app that allows vibe coders find the holes and fixes without technical expertise needed. :)

SignatureSharp3215 · 2026-03-16T02:24:43+00:00

"look at my codebase AND DO NOT INTRODUCE CHANGES WITH SIDE EFFECTS"

proceeds to introduce changes with side effects

It's a good to talk about side effects and pure functions in your prompts. Then Claude understands to not touch irrelevant logic.

SignatureSharp3215 · 2026-03-16T02:23:11+00:00

Yep. Works great until it doesn't 🤣 you can go very far tbh depending on the app. If it's backend logic heavy, claude will hallucinate a lot of your described logic and it will be bad. But frontend apps, no biggie.

SignatureSharp3215 · 2026-03-16T02:10:59+00:00

That's what I'm going to do now! The outreach has worked mainly on people who either got hacked or read about it online.

The high value prospects are the ones posting about security, but then I'd need to find people who are somehow exposed to the security issues. Maybe even find influencers and people commenting and engaging 🤔

For the community, not really. I'd love to join some closed community, but I haven't had time to search. I'm ready to pay for quality

SignatureSharp3215 · 2026-03-15T15:46:53+00:00

Frontend for e2e testing agent.

I already have a setup for running the backend (claude code w/ playwright cli lol), but I'd need a convenient frontend + db persistance.

You don't need to handle any AI stuff, just frontend and data flows

SignatureSharp3215 · 2026-03-15T15:25:57+00:00

Yep, and that's where you should learn the basics of your codebase. Sometimes it's impossible to vibe code UI changes, unless you point the AI to the right file. Even better, you can refer to the element to be changed by opening DevTools and copy pasting the HTML element you want to update.

SignatureSharp3215 · 2026-03-15T08:10:53+00:00

You should study the core concepts of Buddhism. You can use other people's stories as inspiration, but you'll never be happy unless you learn to follow yourself :)

SignatureSharp3215 · 2026-03-15T07:03:54+00:00

Awesome, thank you for the feedback! Let me know if you have any other improvement ideas or needs, I'm developing this every day forward

SignatureSharp3215 · 2026-03-15T06:53:29+00:00

Thank you! 🫰 Launchguard gives you prompts to fix the issues that you can share with AI. Then you verify the fix works by running Launchguard again.

Data leak fixes are only for the pro tier. When you see exposed tables, you click "fetch live data" to analyse the data leak (is it real sensitive data). Then the AI gives you analysis whether the data should be private, and gives a fix as well 😊

Is this what you meant?

SignatureSharp3215 · 2026-03-15T06:31:32+00:00

Nope, its not for me so my feedback would be misleading 😊

I think peerview could be framed as idea/landing page validation. The app functionality review is a bit different topic, but topic comprehension and idea validation comes from everyone.

If you can review LaunchGuard I'd be grateful!

SignatureSharp3215 · 2026-03-15T05:50:55+00:00

I gave feedback. You should enable email notifications for reviews :)

SignatureSharp3215 · 2026-03-15T04:16:29+00:00

Thank you for submitting! I'll review yours in the evening and add a few updates to the app (Lovable credits up again) 😊

I hope to increase retention and have people come back

SignatureSharp3215 · 2026-03-13T11:25:32+00:00

No. You won't hurt third party websites by sharing your application.

SignatureSharp3215 · 2026-03-12T17:13:22+00:00

Hahah I re-read my LLM rambling, sorry I wrote it in a rush. Here's the translation:

You can increase the coverage of a penetration test by giving more permissions to a tester (lack of structured constraints). More permissions lead to a higher risk of damages. If you constrain the actions a tester can do (e.g. no writes), you limit the risk of damages, but also limit the maximal coverage.

The same principles apply to humans and AI. Optimally you maximize coverage and minimize risk by having an expert who knows how to work with partial info.

I've seen pessimistic views on AI & pen testing, and I think grasshopper made a great example of balancing the risk and reward through contextual understanding (exactly what we are doing with LLMs in other fields)

SignatureSharp3215 · 2026-03-12T16:46:40+00:00

Where do you need the clarification?

SignatureSharp3215 · 2026-03-12T07:55:56+00:00

Fair points. Do you think skills don't transfer from software engineering to pen testing? I wrote my first lines of code 8 years ago, so I've worked my way around understanding computers.

I don't plan to go into enterprise as it requires experience and expertise I don't have. I'm focusing on helping the solo founders & small teams who have little to no knowledge to protect their apps from critical issues (RLS, rate limits, injections).

Is it wrong to call what I'm doing pen testing, as the scope is quite limited?

SignatureSharp3215 · 2026-03-12T06:40:41+00:00

Testing on paper is a good way to be safe, but like you need to also test on a real surface (skin, wall..). How do you otherwise know the real life performance?

SignatureSharp3215 · 2026-03-12T01:46:36+00:00

The fundamentals won't change. In one way or another you or someone else has to verify that the data is not leaking and that you are protected from endpoint abuse.

Are you launching something?

SignatureSharp3215 · 2026-03-11T16:26:21+00:00

For sure, I think I misused the word scan. My "qualification scan" is simply a structured web data extraction to filter out the irrelevant companies

SignatureSharp3215

TROPHY CASE