VibeSafe is a security scanner specifically designed for applications created using AI coding tools. It scans web applications to identify security vulnerabilities that commonly occur in code generated by AI assistants and low-code platforms.

The scanner performs 55+ security checks tuned for AI-generated code patterns, including exposed secrets like API keys and environment variables leaked to the browser, authentication gaps such as missing auth checks and open endpoints, security headers configuration including CSP and HSTS, CORS misconfigurations with wildcard origins, database exposure through public Supabase/Firebase rules, and payment security issues like Stripe key exposure. The checks are specifically designed to catch mistakes made by tools like Cursor, Claude Code, Bolt, Lovable, v0, Replit, and Windsurf.

The scanning process involves three simple steps: paste your deployed app URL (works with Vercel, Netlify, Railway, or any host), wait 60 seconds while the scanner runs security checks tuned to AI-generated code patterns, and receive a comprehensive report card with a letter grade, prioritized findings, and step-by-step fix instructions.

VibeSafe helps developers identify critical security issues before deployment, preventing vulnerabilities from reaching production. It addresses common problems AI tools create, such as hardcoded API keys in client-side code, missing security headers, exposed Supabase service role keys, API routes without authentication, and CORS wildcard configurations.

The tool is designed for developers using AI coding assistants and low-code platforms who need to ensure their applications are secure before shipping. It offers GitHub repository integration for source code scanning and provides AI-generated fix code for identified vulnerabilities.