security report for AI-built apps

Did your AI ship a security hole?

Vibe-coded apps leak API keys, expose databases, and skip auth — and the tool that wrote the code won't tell you. Paste a public repo and find out in seconds.

github.com/
no signup · we never store your code · public repos only
Exposed secrets
API keys, tokens, and credentials committed to the repo.
Open databases
Public Supabase / Firebase rules and missing access control.
Missing auth
Unprotected API routes and endpoints anyone can call.