Hacker Times
Security with Vibe Coding Platforms
1 point by Reva25 46 days ago | 1 comment
I do a ton of vibe coding, but after looking closely at the code my agents were spitting out, I got curious. I ran a test on a bunch of AI-generated repos and found that a crazy amount of them had severe structural flaws (like hallucinating fake packages that an attacker could easily squat). So, I'm building an automated firewall for vibe coding. It’s an automated security reviewer specifically designed to catch the vulnerabilities that AI coding agents accidentally write. I'm currently looking for developers who are shipping fast with AI to roast my MVP. If you're down to test it on one of your repos, let me know!


The security angle is one of the most underappreciated risks in vibe coding. When developers don't understand the code that gets generated, they can't assess whether it's introducing vulnerabilities — hallucinated packages, insecure patterns, broken auth — and your finding that a "crazy amount" of AI-generated repos have severe structural flaws matches what a lot of teams are discovering in production.

This connects directly to a core principle from the Agile Vibe Coding Manifesto (https://agilevibecoding.org): "Automation must remain verifiable — their outputs remain understandable, reviewable, and verifiable by humans." The problem with pure vibe coding isn't just that AI makes mistakes; it's that the workflow removes the verification step entirely.

An automated security reviewer is a great practical response to this. Happy to test it on a project if you're still looking for early feedback.



