All activity
Adam Balogunleft a comment
Hey Product Hunt! š I built Yikes because I kept seeing the same security mistakes in vibe-coded apps: NEXT_PUBLIC_ prefixed secrets that expose your entire database, Supabase tables with RLS disabled, API routes anyone can call without auth. These aren't edge cases. They're in almost every indie hacker project I've reviewed. Traditional security scanners give you a 40-page PDF full of CVE...
YikesFind auth gaps and leaked secrets in your vibe-coded app
Stop shipping security holes. Yikes scans your Next.js + Supabase repo and tells you exactly how you'd get hacked ā in plain English.
ā NEXT_PUBLIC_ secrets exposing your database to everyone
ā Supabase RLS disabled so users can read each other's data
ā API routes with no auth checks
ā Missing rate limits on login/signup
Every finding includes a copy/paste fix. No security expertise needed.
YikesFind auth gaps and leaked secrets in your vibe-coded app