Skip to content

> security field notes

Security notes for apps built in Cursor, Bolt, and Lovable.

Practical launch-risk articles with scanner-style evidence and fixes builders can apply before shipping an AI-built app.

Topic rails
AuthHeadersExposureLaunch checks
Launch checksJune 5, 20267 min read

AI-built app launch security checklist

Before an AI-built app gets shared publicly, check the things attackers can inspect without an account: exposed files, missing headers, public source maps, auth edges, and deployment metadata.

Launch checksExposureAuthHeaders
Read field note
field-note · launch-checklist
public-surface

Start with the public surface

auth-and-rate-limits

Check auth paths and rate limits early

headers

Treat security headers as launch infrastructure

source-maps-and-secrets

Look for exposed build context

Lovable6 min read

Lovable app security risks before launch

Common public-surface risks to review before sharing a Lovable-built app with users, judges, or customers.

LovableExposureLaunch checks
Exposure5 min read

Source maps and public exposure in vibe-coded apps

How public source maps can reveal implementation details, and what to check before an AI-built app ships.

Source mapsExposureBuild output
Headers6 min read

Security headers for AI-built apps

The browser security header baseline AI-built apps should review before a public launch.

HeadersCSPBrowser security
Launch checks6 min read

One hour before launch: what to check on your AI-built app

A pre-launch security checklist for AI app builders. Five go/no-go gates, ordered by what a stranger can see from your public URL in the last hour.

Launch checksTriageExposure
Launch checks6 min read

Solo-founder SaaS security checklist before launch

A solo founder SaaS security checklist before launch that splits the work into the public-surface half a scan can clear and the half that still needs a human.

Launch checksSolo founderAuth
Launch checks7 min read

AI-built MVP security before making public

When an AI-built MVP goes from private beta to public, trust assumptions silently break. The checks that catch them before strangers arrive.

Launch checksTrust boundaryMVP security
Lovable6 min read

Lovable and Supabase: RLS defaults that leave tables open after launch

A lovable supabase RLS security check to tell if your Supabase tables are readable with the anon key, and how to close them before you share the URL.

LovableSupabaseRLS
Builders6 min read

Replit app security: risks when your app goes from private to public

Replit app security shifts the moment you flip the deploy toggle. What the internet can reach when private turns public, and the logged-out checks to run first.

ReplitLaunchPublic surface
Builders7 min read

AI-generated insecure defaults: the security patterns Cursor and Lovable skip

The insecure defaults in AI-generated code that ship to production, and the public-surface checks that catch each one before a Cursor or Lovable app goes live.

BuildersInsecure defaultsLaunch checks
Launch checks6 min read

Stripe payment security checks for AI-built apps before launch

An AI-built app Stripe payment security checklist for founders shipping checkout: catch leaked secret keys, test-vs-live keys, and webhook gaps before launch.

StripePaymentsLaunch checks
Builders6 min read

Cursor-generated apps: insecure defaults to check before launch

A pre-launch check of cursor generated app security defaults, secrets, missing auth, source maps, and CORS, that reach production when code ships unreviewed.

CursorInsecure defaultsPre-launch
Builders6 min read

Bolt.new app security: what ships by default and what to fix

A look at Bolt.new app security defaults — source maps, client env exposure, headers, and backend config — and what to check before the public URL spreads.

Bolt.newBuildersPublic surface
Exposure6 min read

Public .env file exposure: how deployed apps leak secrets through the webroot

A check for public .env file exposure in a deployed app: request /.env on your own URL, read why it happens, and fix it before any secret is reachable.

ExposureSecretsDeployment
Exposure6 min read

Exposed .git directory on production: what it leaks and how to check

If a request to /.git/HEAD returns 200, your whole source history may be downloadable. Here is the one-request exposed .git directory production check, and the fix.

ExposureGitDeployment
Exposure6 min read

Debug endpoints left open in production AI-built apps

How debug endpoints left open in production leak env values, versions, and stack traces, and a self-check to find and close them before you share the URL.

ExposureDebug routesInformation disclosure
Exposure6 min read

Public backup files in the webroot: .sql, .zip, .bak reachable without auth

A public backup files webroot security check: find the database dumps and project archives anyone can download by guessing the filename, before you launch.

ExposureBackupsDatabase dumps
Builders6 min read

Bolt.new Supabase integration: checking the anon key scope before launch

A bolt new supabase security check for the anon key in your bundle — find which tables it can read or write from outside, and close them before launch.

Bolt.newSupabaseanon key
Builders6 min read

Windsurf app security: gaps in Cascade's default scaffolding

A windsurf app security check for Cascade-scaffolded builds: missing route auth, live debug endpoints, wildcard CORS, and inlined config before launch.

WindsurfCascadeScaffolding
Builders7 min read

Base44 app security: default configs to review before sharing your app URL

A base44 app security review of the data-access defaults to audit before you share the URL: open API routes, unauthenticated data endpoints, and headers.

Base44BuildersData access
Builders6 min read

v0 by Vercel: security checks before you deploy the generated UI

A v0 vercel app security check for the gaps a UI generator cannot own — auth boundaries, client-side data fetching, and headers — before you deploy.

v0VercelAuth
Builders6 min read

Replit Deployments vs Repls: the security boundary before you ship

Replit deployments security depends on knowing a dev Repl and a Deployment are different trust surfaces. What the public actually hits, and the checks to run first.

ReplitDeploymentsPublic surface
Secrets6 min read

VITE_ prefix ships your secrets to every browser

How VITE_ environment variables exposed in your client bundle happen by design, how to check your built JavaScript for them, and what to rotate before launch.

SecretsViteBuild output
Secrets6 min read

NEXT_PUBLIC_ and the accidental secret: what Next.js exposes at build time

How a NEXT_PUBLIC_ environment variable secret gets exposed in the Next.js client bundle, how to check your built JavaScript for it, and how to fix it before launch.

Next.jsSecretsEnvironment variables
Secrets6 min read

Supabase anon key vs service_role key: what belongs in the frontend

A guide to supabase service_role key frontend exposure — tell the two Supabase keys apart, check your bundle for the wrong one, and rotate before launch.

SecretsSupabaseservice_role
Secrets6 min read

Find your API key in the browser network tab before attackers do

A five-minute self-audit to find an API key in the browser network tab and client bundle of your AI-built app, using only DevTools, before you launch.

SecretsDevToolsClient bundle
Exposure6 min read

How to disable source maps in Vite production builds

How to disable source maps in Vite production builds with build.sourcemap false, why .map files still ship, and how to verify none load on your live URL.

ViteSource mapsBuild output
Exposure6 min read

How to disable source maps in Next.js production builds

How to disable source maps in Next.js production: confirm the productionBrowserSourceMaps flag, set next.config, and verify no .js.map ships to the browser.

Next.jsSource mapsExposure
Exposure6 min read

How to disable source maps in Nuxt 3 production builds

How to disable source maps in a Nuxt 3 production build using the sourcemap key, plus the client vs server distinction and how to verify no .js.map is public.

Source mapsNuxtBuild output
Exposure6 min read

robots.txt leaking private routes in AI-built apps

How a robots.txt leaking private routes hands attackers a map of your /admin and /api paths, plus a self-check to read what yours reveals before launch.

Exposurerobots.txtInformation disclosure
Exposure6 min read

Deployment metadata files exposed: vercel.json, netlify.toml, fly.toml

A check for whether vercel.json is exposed in public production, plus netlify.toml and fly.toml, what each one reveals about your app, and how to stop serving them.

ExposureDeployment configRecon
Supabase6 min read

How to check if your Supabase tables are publicly readable

A 60-second supabase public table access check you run on your own app to learn which tables answer an anonymous caller with the anon key, before launch.

SupabaseRLSPostgREST
Secrets6 min read

Stripe publishable key vs secret key: what the frontend is allowed to know

A Stripe secret key exposed in the frontend is a launch blocker. This note shows how to check your client bundle for sk_live_ and what to rotate if it shipped.

SecretsStripePayments
Supabase6 min read

Supabase storage bucket visibility: public vs private before launch

A supabase storage bucket public access check to tell whether uploaded user files are world-readable by URL, and how to make sensitive buckets private before launch.

SupabaseStorageAccess control
Secrets6 min read

Server-only vs public env vars: the split every AI-built app gets wrong

A guide to server only vs public environment variables across Vite, Next.js, Nuxt, and SvelteKit, so you know which vars are safe in the browser before launch.

SecretsEnvironment variablesFramework defaults
Secrets6 min read

Hardcoded secrets in AI-generated code: what to grep before you deploy

A repo-level self-check for hardcoded secrets in AI generated code, with the grep patterns and history scans to run before you deploy and ship the build.

SecretsGitPre-deploy
Supabase7 min read

RLS policy patterns that still leak data in Supabase

Common supabase RLS policy pitfalls for AI-built apps: five enabled policies that look correct but still let the anon or any logged-in user read others' rows.

SupabaseRLSAuthorization
Firebase6 min read

Firebase security rules: the open-by-default trap in AI-built apps

A firebase security rules AI app check for builders: how to tell if your Firestore or Realtime Database is openly readable before launch, and how to close it.

FirebaseFirestoreSecurity rules
Secrets6 min read

Anthropic API key in a Vite or Next.js app: server-only or live risk

How to tell if your Anthropic API key is exposed in the client bundle of an AI-built app, why the Claude SDK invites this, and how to move the call server-side.

SecretsAnthropicLLM
Secrets6 min read

OpenAI API key in the frontend: why it gets drained

An OpenAI API key exposed in the frontend is reachable by anyone and runs charges on your account. How to check your bundle and what to fix before launch.

SecretsOpenAIClient bundle
Supabase6 min read

Disabling RLS on a Supabase table: what it means for a public production app

The Supabase disable RLS production risk explained for solo builders: what every visitor can read with the anon key, and the launch-day decision it forces.

SupabaseRLSLaunch
Supabase6 min read

Supabase Edge Function secrets: what leaks when error handling is missing

A supabase edge function secrets exposure check for builders shipping AI-generated functions, so a crashed handler does not return env var names and URLs.

SupabaseEdge FunctionsSecrets
Supabase6 min read

Supabase GraphQL endpoint: what it exposes when RLS is missing

A Supabase GraphQL endpoint security check for builders: see what your schema and tables leak through /graphql/v1 with the anon key before you launch.

SupabaseGraphQLRLS
Supabase6 min read

Signed URLs in Supabase: when they protect files and when they do not

Supabase signed URLs security explained for indie builders: what a signed URL actually prevents, the gaps it leaves open, and what to verify before launch.

SupabaseStorageAccess control
Auth6 min read

Auth bypass in AI-generated middleware: how to spot unprotected routes

An auth bypass middleware check for AI-built apps: find API routes that return data without a login, and learn the server-side guard that closes them.

AuthMiddlewareAPI routes
Auth6 min read

Magic-link auth in AI-built apps: what to check before launch

A magic link security checklist for AI-built apps, covering token expiry, single-use, issue-endpoint rate limits, and redirect validation before launch.

AuthMagic LinksPasswordless
Auth6 min read

Login endpoint rate limiting for vibe-coded apps

How to add and verify rate limit login endpoint protection on AI-generated auth routes, so a single attacker cannot run unlimited password guesses at launch.

AuthRate limitingAbuse
Auth6 min read

Account enumeration via login and password reset in AI-built apps

An account enumeration attack lets outsiders confirm which emails have accounts on your AI-built app. How to test your login and reset flows and fix it.

AuthEnumerationLogin
Auth6 min read

Waitlist and signup form abuse in vibe-coded SaaS apps

A signup form abuse prevention guide for founders of AI-built apps: how bots and disposable emails flood open endpoints, and the controls to add first.

AuthRate limitingAnti-abuse
Auth6 min read

Supabase Auth email OTP abuse and rate limiting before launch

Supabase Auth rate limiting on OTP and magic-link emails often ships on loose defaults, letting a stranger drive your send volume. What to check before launch.

SupabaseAuthRate limiting
Browser6 min read

Clickjacking risk: X-Frame-Options vs CSP frame-ancestors

How to decide between X-Frame-Options and CSP frame-ancestors so your AI-built app cannot be framed and clickjacked, with the exact header per platform.

BrowserHeadersClickjacking
Browser6 min read

Cookie flags (Secure, HttpOnly, SameSite) checklist for AI-built apps

A cookie flags Secure HttpOnly SameSite AI app check for builders: see what your Set-Cookie headers leave off, and the session risk it opens before launch.

CookiesSessionsHeaders
Browser6 min read

Content security policy for Stripe, analytics, and auth embeds

A content security policy stripe analytics embed guide for AI-built apps, so a starter CSP does not break payments or leave auth iframes unsandboxed at launch.

CSPStripeBrowser headers
Browser6 min read

Mixed content errors in AI-built apps: why HTTPS pages load HTTP assets

A mixed content error in your AI built app means an HTTPS page is pulling HTTP assets the browser may block. Here is how to catch it before launch.

HTTPSBrowserHeaders
Browser6 min read

Permissions-Policy: disable the camera, mic, and geolocation you never use

A Permissions-Policy header guide for AI apps that use the camera or mic, showing which directives to set so an injected script cannot reach hardware.

BrowserHeadersPermissions-Policy
Browser6 min read

CORS misconfiguration in AI-built APIs: what actually breaks before launch

A CORS misconfiguration in an AI built app can let any origin read credentialed API responses. Here is how to check your own routes before the URL spreads.

CORSAPIBrowser
Browser6 min read

Referrer-Policy for AI-built SaaS: stop leaking auth tokens in the Referer header

A Referrer-Policy auth token leak sends magic-link tokens in the Referer header to analytics and third-party scripts. Here is how to check and close it.

BrowserHeadersAuth
Browser6 min read

SameSite=None CORS cookies in apps with separate API and frontend origins

If your SameSite None cookie crosses from frontend to API on another origin, a missing Secure flag drops the session in production. Check it before launch.

CookiesCORSSessions
Deployment6 min read

Cloudflare Pages ships without security headers — add them before launch

Cloudflare Pages serves no CSP, X-Frame-Options, or Permissions-Policy by default. Check your Cloudflare Pages security headers before you share the URL.

Cloudflare PagesSecurity headersDeployment
Deployment6 min read

Custom domain TLS on self-hosted platforms: HSTS and HTTP redirect before launch

A custom domain TLS HSTS check for self-hosted apps to confirm your new domain redirects HTTP to HTTPS and sends HSTS, so logins are not sent in the clear.

DeploymentTLSHSTS
Deployment6 min read

Vercel preview deploys are public by default — what to check before sharing

Vercel preview deploy security for AI builders: a preview URL is an unauthenticated public link by default. Check what it exposes before you share it.

VercelDeploymentPreview deploys
Deployment6 min read

Netlify branch deploys and split testing expose secrets by default

A Netlify branch deploy security check for AI-built apps: branch and preview URLs are public and inherit prod env vars, so confirm what they leak first.

NetlifyDeploymentSecrets
Deployment6 min read

Render and Railway default to public service URLs: lock down internal services

How to find a Render Railway internal service public URL reaching an admin API or DB UI without auth, and lock it down before you share your launch link.

DeploymentRailwayRender
Deployment6 min read

Preview and staging deployments are public by default

Preview deployment public exposure means your staging URL is reachable and crawlable by anyone. How to find your open previews and lock them down.

DeploymentStagingAccess control
Deployment6 min read

AWS Amplify build-time env vars leak into client bundles — how to check

How an AWS Amplify environment variable client bundle leak ships your secrets in public JavaScript, and how to check your own build before you share the URL.

DeploymentAWS AmplifySecrets
AI risks6 min read

Exposed LLM API keys in browser-based AI chat apps

If your AI chat app has an LLM API key exposed in the browser, any visitor can read it and burn your quota. How to spot the leak and move the call server-side.

AI appsAPI keysLLM
AI risks6 min read

MCP server security exposure: what ships publicly when you deploy an AI agent backend

A check for MCP server security exposure: tell whether your deployed agent backend lists or runs tools for any unauthenticated caller, and how to close it.

MCPAI agentsAuthentication
AI risks6 min read

Insecure output handling in AI apps: when LLM responses render as HTML

Insecure output handling in an LLM app lets model text run as HTML and trigger XSS. This note shows how to find the unsafe render path before you launch.

LLMXSSOutput handling
AI risks6 min read

MCP server exposed on a public port: the launch risk in agentic AI apps

If your MCP server answers on a public port with no auth, anyone who finds it can drive its tools. How to check your MCP endpoint and bind it privately.

MCPAI agentsexposure
AI risks6 min read

System prompt leakage in client-side AI apps

A system prompt leak in an AI app means your instructions and guardrails ship in the browser bundle for anyone to read. How to confirm it before launch.

AI risksSystem promptsClient bundle
AI risks6 min read

Rate limiting AI endpoints to stop token-cost abuse

A rate limit LLM API endpoint abuse check for AI builders: spot the public AI proxy route that answers unmetered requests, and cap the cost before launch.

LLMRate limitingCost abuse
AI risks7 min read

Prompt injection in AI-built apps: what it means for your launch

A plain-language guide to prompt injection AI app risk: how untrusted content reaches your model, what it can do at launch, and what to decide first.

Prompt injectionLLM securityAI apps
Payments5 min read

Stripe test vs live key in production: how to confirm before launch

Shipping a Stripe test key in production means real users can't pay. Here's a fast public-surface check to confirm your deployed build uses live keys.

StripePaymentsLaunch
Payments6 min read

Stripe webhook endpoint exposure: what a public scan can and cannot tell you

A Stripe webhook endpoint security check on your AI-built app from the public surface, what an exposed GET response reveals, and where it stops being enough.

PaymentsStripeWebhooks
Payments7 min read

Stripe webhook signature verification: the check AI builders skip

Stripe webhook signature verification is the check AI builders skip, letting anyone forge payment events. Here is how to spot the gap and fix it before launch.

StripeWebhooksPayments
Payments6 min read

Client-side price manipulation in AI-built checkout: testing for the trusted-amount gap

A client side price manipulation check for your AI-built checkout: see if the browser sets the charge amount, and recompute the price server-side before launch.

PaymentsStripeCheckout
Payments6 min read

Subscription entitlement bypass in AI-built SaaS: checking the server gate

A SaaS subscription entitlement bypass lets a free user unlock paid features by editing the client. Check whether your server gate decides access before launch.

StripeSaaSAuthorization
Access control6 min read

Exposed /admin routes in AI-built apps: what loads without an account

How to check if an admin route is exposed in your vibe coded app, whether /admin and /dashboard serve a full page to anonymous visitors, and how to close it.

Access controlAdmin routesAuthorization
Access control6 min read

Predictable object IDs in public APIs: detecting and reducing enumeration risk

If your API returns predictable object IDs, anyone can walk the sequence and pull records in bulk. Here is how to spot it before launch and what to change.

Access controlAPIEnumeration
Access control7 min read

Tenant isolation checks in multi-tenant AI-built SaaS

A multi-tenant data isolation check for AI-built SaaS founders to confirm one tenant cannot read another tenant's records before you share the URL.

Multi-tenantAccess controlSaaS
Access control6 min read

Admin gating that lives only in the UI

A client side admin check bypass leaves your API open while the button is hidden. Learn how to test that the server enforces the admin boundary before launch.

Access controlAuthorizationAdmin routes
Access control7 min read

Multi-tenant isolation in AI-built SaaS: can tenants reach each other's records

A multi-tenant isolation AI SaaS app check: find out if one tenant can read another tenant's records through your API, and close the gap before launch.

Access controlMulti-tenancyAPI security
APIs6 min read

Unauthenticated API endpoints in AI-built apps: how to find them before launch

How to find unauthenticated API endpoints in your AI-built app before launch, why generated routes ship without an auth check, and how to close them.

APIsAuthenticationPre-launch
APIs6 min read

GraphQL introspection enabled in production: a launch check

A GraphQL introspection production security check for AI-built apps: see if your public endpoint hands out the full schema, and how to turn it off pre-launch.

GraphQLAPIsSchema exposure
APIs6 min read

Verbose API error messages leaking stack traces and SQL in production

How to tell if your API error messages are leaking stack traces, SQL, and file paths to anonymous callers in production, and how to return safe errors instead.

APIsError handlingInformation disclosure
APIs6 min read

Serverless function exposure in AI-built apps: which routes are public by default

A serverless function exposure security check for AI-built apps: how to find the API routes that answer any anonymous caller, and close them before launch.

APIsServerlessAuth
APIs6 min read

PII in API responses: what AI-built apps return that they shouldn't

A PII in API response security check for AI-built apps: spot when an endpoint returns emails, hashes, or extra fields, and trim it to a DTO before launch.

APIsPIIData exposure
Frameworks6 min read

Nuxt runtime config: what leaks to the client bundle by default

How nuxt runtime config public vs private decides what ships to the browser, why AI-built apps leak secrets through it, and how to check yours before launch.

NuxtEnv varsSecrets
Frameworks6 min read

Nuxt server routes: locking down /api/* endpoints in AI-built apps

A Nuxt server routes security check to find /api/* endpoints that return data to anonymous callers, and how to add auth before you share the URL.

NuxtAPIAuth
Frameworks6 min read

Next.js server actions: public exposure risks before you ship

A Next.js server actions security check for AI-built apps: confirm each action enforces its own auth before launch, so a hidden form is not a public endpoint.

Next.jsServer ActionsAuthorization
Frameworks6 min read

Next.js middleware security: protecting routes without server-side auth checks

A Next.js middleware authentication security check: find the private routes your matcher misses before launch, and why edge gating alone is not enough.

Next.jsMiddlewareAuth
Frameworks6 min read

Express.js API security hardening before an AI-built API goes public

Express.js API security hardening for AI-built apps: how to check for missing helmet headers, input validation, and rate limiting before your API URL spreads.

ExpressNodeAPI hardening
Frameworks6 min read

SvelteKit load functions and public data exposure before launch

A SvelteKit load function security check for finding full DB rows serialized into the page payload, so you can trim what every browser sees before launch.

SvelteKitData exposureFrameworks
Frameworks6 min read

Remix loader security: authentication checks your loaders and actions are missing

A Remix loader security authentication check for AI-built apps: confirm each loader and action verifies the session before it returns data, not just the page.

RemixAuthenticationLoaders
Dependencies6 min read

npm audit before launch: what the output actually means

How to read npm audit before launch on your AI-built app, tell a real blocker from transitive noise, and decide go or no-go without breaking your build.

Dependenciesnpm auditSupply chain
Dependencies6 min read

Checking for known-vulnerable packages before shipping a Vite or Next.js app

Find known-vulnerable npm packages in a Vite or Next.js production build before launch, filter the devDependency noise, and decide what blocks shipping.

Dependenciesnpm auditSupply chain
Dependencies6 min read

Outdated dependencies as a launch blocker: what to check and what to defer

A triage flow for outdated npm dependencies before launch so you can tell which packages block the launch and which are routine hardening you can defer.

DependenciesnpmLaunch triage
Dependencies6 min read

Vetting an AI-suggested npm package before you install it

A short guide to tell if an AI-suggested npm package is safe to install, checking the name, publish date, repo, and install scripts before you add it.

DependenciesnpmSupply chain
Dependencies6 min read

No lockfile committed: dependency drift in AI-built apps

A missing package-lock in your AI-built app lets production installs drift to versions you never tested. Here is how to detect the gap and pin the tree.

DependenciesSupply chainLockfile
Process6 min read

How to read a security scan result and triage findings

How to read security scan results on your AI-built app, tell launch blockers from hardening tasks, and handle a finding you cannot reproduce before you ship.

TriageProcessSeverity
Process6 min read

Building a repeatable pre-launch security habit for AI-built apps

A pre-launch security process for developers that stops a later deploy from silently re-enabling source maps, dropping a header, or re-exposing a bucket.

ProcessCIRegression
Process6 min read

Public scan vs code review: which one to run before you ship

A public scan vs code review security comparison for indie devs shipping AI-built apps, so you know which check catches which class of risk before launch.

ProcessScanningCode Review
Process6 min read

When does an indie app need a penetration test?

A clear answer to when do I need a penetration test as an indie founder: the data and money triggers that cross the threshold, and what to do first instead.

PentestLaunch decisionProcess
Process6 min read

Lightweight threat modeling for a solo developer

A 30-minute threat modeling exercise for a solo developer to map trust boundaries and public routes before launch, so the worst gap is not the live URL.

ProcessThreat modelingPre-launch

> pre-ship scan

Check the public surface before you publish the link.

Run a focused Launch Check for exposed files, headers, source maps, and configuration signals before your AI-built app gets attention.