Launching today

Secure Vibe Coding Pack

Launching today

91.5% of AI apps are vulnerable. Fix it with 60 prompts.

3 followers

91.5% of AI apps are vulnerable. Fix it with 60 prompts.

3 followers

Visit website

Engineering & Development

I shipped an app with Claude. Found out the hard way that working code isn't secure code. Claude defaults to insecurity: JWT in localStorage, hardcoded secrets, raw SQL strings, no RLS. So I tested 100+ prompts to fix this. Found 60 that work. Three modes: Generate (build secure from scratch), Audit (find holes in existing code), Harden (fix shipped code safely). Then paste, verify, ship confidently. Works with Claude, Cursor, Lovable, v0, Bolt.

Payment Required

Launch tags:Artificial Intelligence•Security•Vibe coding

Launch Team

Wispr Flow: Dictation That Works EverywhereStop typing. Start speaking. 4x faster.

Promoted

Maker

📌

Hey ProductHunt! 👋 I shipped Nerzia (AI study app, App Store) using Claude. Quick lesson I learned: working code ≠ safe code. Claude generates functional code. But it defaults to insecurity: - JWT in localStorage (exposed tokens) - Secrets in env vars (hardcoded credentials) - Raw SQL (injection ready) - Verbose errors (roadmap for attackers) - No RLS (data leaks) I tested 100+ prompt variations to find which ones actually force Claude to generate secure code. Result: 60 prompts that work. Three modes: - Generate: Build secure code from scratch - Audit: Find vulnerabilities in existing code - Harden: Fix shipped code safely The workflow: Paste → Verify → Ship Takes 10 minutes. Prevents breaches that cost $100K. If you're shipping with Claude/Cursor, this is a must-have. Happy to answer any questions about: - AI security patterns - Building with Claude - Shipping apps (I've done it) - Why this costs $39 not $500 Ask away! :)

Report

1d ago

Forum Threads

p/secure-vibe-coding-pack

•

1d ago

I almost leaked my users data. What vulnerabilities have you found?

Built this because I shipped an app with a security vulnerability I should've caught.

The issue? I asked Claude to "build an endpoint" but never specified that it should enforce access control. Claude generated working code, just not secure code.

So I tested 100+ prompts. Found 60 that force Claude to be secure by default.

What's the worst vulnerability you've found in AI-generated code? And did you catch it before or after shipping?

View all