All activity
Most AI-generated apps ship with leaked API keys, broken auth, and unsanitized inputs nobody ever reviewed. Trust scans your live URL or GitHub repo in 5 minutes running real DAST + SAST + Gitleaks, then turning findings into Claude-powered fix suggestions you can paste straight into Cursor. We also ship an MCP server, so Trust runs inside Claude Code itself, ask "scan this before I deploy" and it just works. Built because we kept shipping vibe-coded projects without auditing a single one.
TrustThe security scanner built for vibe coders
Jadenstarted a discussion
What's the scariest thing you've ever shipped in a vibe-coded project?
We built Trust because, honestly, we shipped some scary stuff. Mine was a payment endpoint with CORS wide open. Yours? No judgment, no naming, no shaming—but if any of you are willing to share what you found (or what we find for you), it'd be a hell of a thread for the next person about to deploy something they vibe-coded at 2am.
Jadenleft a comment
Hey! I'm a founder who fell in love with Cursor and Claude Code. In ~6 months I shipped 4 side projects without doing a single real security review. Then I actually looked at what I'd built. Hardcoded API keys committed to a public repo. Auth flows with zero rate limiting. CORS wide open on a payment endpoint. The AI never warned me. The deploy never stopped me. The scary part wasn't the bugs,...
TrustThe security scanner built for vibe coders