Yusuf Abdulaziz

Yusuf Abdulaziz

cofounder

Forums

6h ago

Anyone actually checked their vibe-coded app for security holes, or just hoping for the best?

Been thinking about this after seeing a few posts here about vibe-coded apps breaking in production. Auth bugs, webhook failures, that kind of thing.

What worries me more is the stuff that doesn't break loudly. No error, no crash, it just quietly leaks data or accepts requests it shouldn't. Things like exposed API keys sitting in the frontend bundle, missing rate limits, or database rules that let any logged in user read rows that aren't theirs. None of that throws an error. It just sits there until someone finds it.

For the non-engineers building real products with this stuff, what does your actual security check look like before you launch. Are you running anything to scan for this, paying someone to review it once, asking the AI itself to audit its own code, or just shipping and hoping nothing bad happens.

Curious if there is an actual workflow people are settled on, or if this is still the part everyone quietly skips.

8h ago

How do you keep AI from forgetting your long-term projects?

How do you actually use AI for long-term planning?

I've noticed something while building products.

AI is amazing at answering questions, but the moment a project stretches beyond a few conversations, things start to break down.

Every new chat means I have to explain:

View more