Knowledge Base
Everything you need to know about security in AI-generated code. Written for vibe coders, backed by data.
Vulnerabilities
Deep dives into SQL injection, XSS, hardcoded secrets, and 18+ security vulnerabilities common in AI-generated code.
18 articlesAI Tool Patterns
Security patterns specific to Cursor, Claude Code, Bolt, v0, and other AI coding tools.
8 toolsStack Guides
Security guides for Next.js + Supabase, Next.js + Prisma, SvelteKit + Supabase, and more.
3 stacksChecklists
Security checklists for pre-launch review and deployment verification.
1 checklistWhy This Knowledge Base?
AI coding tools like Cursor, Claude Code, and Bolt are transforming how we build software. But they're also introducing new security patterns, and new vulnerabilities.
When you're vibe coding, AI tools prioritize working code over secure code. They generate template literals instead of parameterized queries. They hardcode API keys to make examples run immediately. They skip authentication because you didn't ask for it.
This knowledge base exists to help you understand these vulnerabilities, why AI tools create them, and how to fix them. We provide copy-paste prompts you can use directly in your AI coding tool.
What Makes Us Different
Vibe Coding Friendly
Cursor, Claude Code, Bolt, v0, Lovable, Replit, Windsurf, Copilot, Gemini, and more
Copy-Paste Fixes
AI prompts you can paste directly into your coding tool to fix vulnerabilities
Stack-Specific
Guides for Next.js + Supabase, Express + PostgreSQL, SvelteKit, and more
Plain English
Every term explained. SQL injection = "attackers type code into your forms"