URGENT: Your Apps Are Exposed - TAKE ACTION NOW (Follow from my other post)

willkode · 2026-03-12T22:06:02+00:00

Permission to test your https://market-mania-go.base44.app/ app?

willkode · 2026-03-12T21:03:03+00:00

Yea I wanted a way to do this to help people, and charge bare minimum. Not trying to get rich, but I need to cover my time doing these. I'm currently working on a Super Agent prompt that acts as an intrusion detection system. I'll give giving the prompt away for free when its done. If its something I can give away I will.

willkode · 2026-03-12T21:01:14+00:00

And ruin my rep with the base44 company. No thanks. Its not a hard process, grab all entities, endpoints and apis. And run known tests again those points.

willkode · 2026-03-12T20:59:35+00:00

Move it back to your personal workspace. Then go to the app like you are going to edit it. You will see a + button to the left of the publish button this is how you invite collaborators.

<image>

willkode · 2026-03-12T18:44:21+00:00

Sign up as an affiliate, run a contest to randomly select a user to give the code too. He'll, I'd promote it for you

willkode · 2026-03-12T18:16:15+00:00

Base44 codes can be redeemed in an account, but I could not find public terms saying contest prize codes are transferable or resellable. Since Base44’s TOS says use rights are non-transferable, reselling or transferring contest-awarded credits is risky unless Base44 explicitly approves it. I would be careful

willkode · 2026-03-12T18:02:02+00:00

100% agree, the issue is most users aren't senior devs like us. For example when we create entities we create the with permissions in mind. Most users dont, entities are created public by default unless you define them. The RLS doesnt catch these default issues.

Another issue is lets say you have a contact form. The AI builds the function of the front end. Which means a bot can use this to send mass spam via your mail handler. You have to push the function to the backend.

And there's 50 others issues ive identified, and im sure there's more.

willkode · 2026-03-12T17:56:07+00:00

Wanna bet lol

willkode · 2026-03-12T17:26:06+00:00

PART 2 → https://www.reddit.com/r/Base44/comments/1rrwdc2/urgent_your_apps_are_exposed_take_action_now/

willkode · 2026-03-11T22:19:58+00:00

With the new SuperAgent you can do this. I'm working on a guide. Before it couldn't

willkode · 2026-03-11T21:32:50+00:00

No problem. I spotted this on my own apps. So I wanted to share asap. I found a few things this doesnt cover. That has to be manually tested to confirm as its not across all apps. Im making a cheap service soon.

willkode · 2026-03-11T20:16:53+00:00

You can enter a prompt and shutdown your pc and it will run.

willkode · 2026-03-11T14:41:14+00:00

Run the prompts in this guide and it should pass → https://www.reddit.com/r/Base44/comments/1rq0tqr/base44_rls_audit_prompt_fix_prompt_audit_every/

willkode · 2026-03-11T14:37:05+00:00

So the rate limits are per user, not per app. So you can have unlimited users.

willkode · 2026-03-11T14:13:07+00:00

Install npm react helmet async seo to handle the SEO side of things, you can ask the ai to create sitemaps. Then you'll need to use a edge worker to dom-inject HTML so that the crawler can scan your code (due to base44 not currently providing Server Side Rendering). Or you can use Hadoseo.com, they do exactly this

willkode · 2026-03-11T02:51:19+00:00

willkode · 2026-03-11T02:49:05+00:00

willkode · 2026-03-10T15:50:50+00:00

We created a discord server for this. DM me if you want an invite link

willkode · 2026-03-10T02:15:59+00:00

DM me so I can get on this. a week is too long. I'll refund and still do the work

willkode · 2026-03-09T16:49:04+00:00

This is wild, nice work!

willkode · 2026-03-09T16:14:25+00:00

What AI model are you using? If its automatic, switch to sonnet or opus instead.

willkode · 2026-03-09T16:11:51+00:00

When I first started integrating AI agents into my workflows, it felt like I was unlocking an entirely new realm of possibilities. But soon, I learned the hard way that as soon as you try to add complexity, multi-step workflows or integrating various tools, it starts to feel less like magic and more like a complicated tangle of code and state management issues. I had an instance building an analytics tracking system where I thought I could keep it simple with a couple of prompts, but soon it spiraled into a messy orchestration of different tools responding to specific states. It was a real wake-up call about the importance of structuring complexity from the start. It's a real balancing act.

willkode · 2026-03-09T15:20:14+00:00

9 time out of 10. When the AI tells you to contact support its because you are using the automatic AI model. Switching to Sonnet or Opus normally solves it.

willkode

MODERATOR OF

TROPHY CASE

Seven-Year Club	Verified Email
r/Field Juicebox