Secure Vibe Coding Pack: 91.5% of AI apps are vulnerable. Fix it with 60 prompts.

I shipped an app with Claude. Found out the hard way that working code isn't secure code. Claude defaults to insecurity: JWT in localStorage, hardcoded secrets, raw SQL strings, no RLS. So I tested 100+ prompts to fix this. Found 60 that work. Three modes: Generate (build secure from scratch), Audit (find holes in existing code), Harden (fix shipped code safely). Then paste, verify, ship confidently. Works with Claude, Cursor, Lovable, v0, Bolt.

Hey ProductHunt! 👋 I shipped Nerzia (AI study app, App Store) using Claude. Quick lesson I learned: working code ≠ safe code. Claude generates functional code. But it defaults to insecurity: - JWT in localStorage (exposed tokens) - Secrets in env vars (hardcoded credentials) - Raw SQL (injection ready) - Verbose errors (roadmap for attackers) - No RLS (data leaks) I tested 100+ prompt variations to find which ones actually force Claude to generate secure code. Result: 60 prompts that work. Three modes: - Generate: Build secure code from scratch - Audit: Find vulnerabilities in existing code - Harden: Fix shipped code safely The workflow: Paste → Verify → Ship Takes 10 minutes. Prevents breaches that cost $100K. If you're shipping with Claude/Cursor, this is a must-have. Happy to answer any questions about: - AI security patterns - Building with Claude - Shipping apps (I've done it) - Why this costs $39 not $500 Ask away! :)

Built this because I shipped an app with a security vulnerability I should've caught.

The issue? I asked Claude to "build an endpoint" but never specified that it should enforce access control. Claude generated working code, just not secure code.

So I tested 100+ prompts. Found 60 that force Claude to be secure by default.

What's the worst vulnerability you've found in AI-generated code? And did you catch it before or after shipping?

Built this because I shipped an app with a security vulnerability I should've caught.

The issue? I asked Claude to "build an endpoint" but never specified that it should enforce access control. Claude generated working code, just not secure code.

So I tested 100+ prompts. Found 60 that force Claude to be secure by default.

What's the worst vulnerability you've found in AI-generated code? And did you catch it before or after shipping?

Secure Vibe Coding Pack

91.5% of AI apps are vulnerable. Fix it with 60 prompts.

91.5% of AI apps are vulnerable. Fix it with 60 prompts.

Forum Threads

I almost leaked my users data. What vulnerabilities have you found?

Forum Threads

I almost leaked my users data. What vulnerabilities have you found?