Perfai Security - Find & fix live vulnerabilities in Vibe Apps with 1-prompt.
by•
Autonomous access control security for Vibe-coded apps. Our platform finds and fixes live vulnerabilities in your vibe-apps built on Replit, Lovable, Claude Code, Cursor, and other AI-coding tools. 1-prompt makes your app production-ready in minutes without requiring security expertise.
Replies
Perfai Security
Hi @thys_beesman , thanks for asking. Perfai Security offers both, and this is where Perfai Security really shines. We don't just stop at a list of vulnerabilities.
We ship an MCP server (perfai-mcp-server) you drop into your IDE (Cursor, VS Code, or any MCP-compatible agent). Once connected, it pulls your reported issues directly into the editor, and for any issue it generates a context-rich fix prompt with exact endpoint, vulnerability, remediation contexts. Your IDE's coding agent then implements the fix right in your codebase, following your existing patterns and architecture.
We deliberately keep the developer in the loop rather than auto-patching your repo. This way, we never require any code-access. And so the fix lands in your editor where you review and merge it like any other change.
So it's detection → guided remediation → fix, without Perfai Security ever writing to your code behind your back.
TL;DR — Perfai Security maps your app, detects vulnerabilities, provides the fixes, and then retests to verify the issues are patched.
Tools like this are usually judged by what they catch, but the harder part is what slips through.
Do you have a sense of that side - cases where something looked clean but was found later? That would matter more to me than the total number of vulnerabilities found.
Congrats on the launch!
Perfai Security
Hello@jared_salois I'm particularly excited to answer your question!
Raw vuln counts are a vanity metric. And you're right... what slips through is the real test. A few ways we attack the false-negative problem head-on:
We measure against a known denominator. The Vision Agent enumerates the full access-control matrix (roles × objects × actions), so we report coverage (what share of that surface we actually exercised) not just a pile of findings. You see what we tested, not only what we caught.
Gaps are reported as gaps, never as green. An auth wall we couldn't cross, or a path we lacked credentials for, or a flow needing business context we can't infer ("this discount should never apply to enterprise SKUs"), etc. All those surface as explicit coverage gaps, not a false "clean."
"Looked clean, found later" is a first-class case. Every deploy gets re-tested, and as our attack models improve, we re-scan existing apps. So yesterday's "clean" can legitimately become today's finding. Coverage is a living thing, not a one-time snapshot.
And every finding is exploit-verified, so what you do get isn't diluted by false positives. We'd rather hand you an honest "here's what we didn't reach" than a green checkmark that lies.
the "mutate an object you own to reach one you don't" part is what caught my attention. if that attack succeeds against a live production app, the agent didn't just find the vulnerability, it exploited it for real against real data. is there a safe/sandboxed mode where the mutation attempts happen against a snapshot or shadow copy, or does running this against a production app with real customers mean you're accepting some risk of the test itself causing the exact damage you're trying to prevent
Perfai Security
@galdayan great question, you decide what Perfai Security points at. You hand us any base path or app URL. The aggressive, state-changing pass runs against a staging environment, a preview deploy, or a clone/snapshot, not necessarily your live prod. The blast radius is your call, not ours.
And even then, proving an access-control break almost never requires destroying data. For "mutate an object you own to reach one you don't," the vuln is proven the moment the system authorizes the cross-boundary action for the wrong principal... making the 'authorization' the finding. We assert that the boundary is crossable but we don't complete the destruction to prove it. So the check never depends on a destructive write, and anything genuinely state-changing you route to the staging/clone URL you give us.
You can sign up free at perfai.ai (or 50% off the Pro plan with our Product Hunt discount) and I'd be happy to connect and walk you through pointing it at a staging clone.
Do I paste the URL and walk away, or set up test accounts first?
Perfai Security
@oliver_hayes1 you can paste-and-go for a fast first look 🙂, but for the real value, hand it a couple of test accounts. Access control is all about who can do what, so the high-severity findings like cross-tenant data access, privilege escalation, BOLA will only surface when the agent can log in as different roles and try to cross the boundaries between them.
Is the report readable solo, or do I need to already know what IDOR means?
Perfai Security
@paige_lauren2 readable solo 🙌. You do NOT need to possess technical knowledge on what IDOR means — each finding is plain language with OWASP/CVSS/CWE detail tucked in for the dev folks who want to go deeper. And you don't have to interpret it to fix it. The Fix Agent hands the exact patch to your AI coding tool (Cursor, Claude Code, Replit, Lovable…) and re-tests to confirm it's closed. Security expertise is optional... that's the whole point. Try it free at perfai.ai, first finding in ~20 min.
How's this different from zero Thread or Beagle,both listed as similar tools?
Perfai Security
Hello @reid_anderson4 , great question!
Those are broad AI-pentest / DAST scanners that are good at surfacing known vuln patterns across an app. Perfai Security goes deep on the one class generic DAST structurally does not cover: broken access control (OWASP's #1 for four years running). We don't just fuzz URLs... our Vision Agent first maps every role × data × action, then the Security Agent attacks the permission model itself: BOLA/IDOR, BFLA, privilege escalation, cross-tenant isolation.
Every finding is exploit-proven, and the Fix Agent ships the patch into your AI coding tool and re-tests to confirm it's closed. In a different lens, they scan the surface, whereas we break the authorization logic.
Faster than a manual pentest sure, but does it catch the weird edge cases a human would?
Perfai Security
@trevor_nicholas2 honest answer: if a manual pentester checks ~50 permission combinations before the clock runs out, Perfai Security tests all 6,000+ (across every role × data × action) ...including the weird ones, including chained privilege escalation, cross-tenant ownership quirks, admin functions live under a hidden route. These "edge cases" are usually just cases nobody had time to reach by hand, but in practice, we've surfaced findings a decade of manual pentests had missed. Where a creative human still shines is open-ended business logic, and we're pushing into that too.
If UI hides an admin route that's still live on the backend, does Vision Agent even catch it?
Perfai Security
@calvin_russell1 yes, that's what it's built for. The Vision Agent doesn't just click the UI — it maps the underlying API surface (every endpoint it can discover), so a route that's hidden from the interface but still live on the backend gets found and attacked anyway. That "hidden-but-live admin function" is a class we explicitly hunt, known as shadow functionality (and broken function-level authorization (BFLA)). If the backend still honors it, we'll call it, prove it with a reproducible request, and hand you the fix.
Congrats on the launch! The re-check on every update is the part that matters most, since a lot of these tools only catch access-control gaps once and then go stale. Does that re-scan run automatically after each deploy, or do you have to trigger it?
Perfai Security
@irahimiam spot-on! Both modes exist, but automatic is the whole point. You can fire a run manually anytime (one prompt / paste-URL), but the real setup wires it into your pipeline so it runs automatically on a scheduled basis or with each deploy... GitHub Actions steps (or our CI/CD API / deploy webhook) can trigger the scan, wait, and fail the build on any new Critical. Each run diffs against your last clean baseline, so you only hear about what changed, not the same list again. Set it once and every future deploy can re-test itself.
Voquill
Congratulations! Does this work with any deployed web app, or is it mainly built for apps created with AI coding tools?
Perfai Security
@henry_habib It works with any deployed web app that has a URL. We test black-box from the outside, so we're fully stack-agnostic. It doesn't care whether you hand-wrote it, vibe-coded it, or inherited it. The "vibe-coded" framing is where our solution is needed most right now, but the engine tests any app with roles, APIs, and a database. The only place the AI-coding tool matters is the fix handoff... our Fix Agent delivers remediation through an MCP server you drop into any IDE (Cursor, VS Code, Claude Code…), and it works even if you just want the exact patch to apply yourself. Point it at any URL and see. You can sign up for free or get 50% off our pro plan using the discount code (in pinned comment).