
Vibe Security

The whole idea of this came from when Plumeria was "hacked" one evening.

What I mean by hacked is two things:

  1. Click-jacking
  2. Rate-limiting (some friends were spamming the request endpoint)

How my workflow went to solve the problem:

vulnerability memo -> ai fixes backend -> ai tests backend

I was blown away by how fast it fixed it. Since these security problems are likely common, the LLMs probably have great references on how to fix them.

Given I had a vibe hackathon coming up, I thought it would be a great hack: a security scanner for all the other vibe-coded applications.

My general plan was to follow the guidance from this blog from Replit in an automated

put in url -> run tests -> give score (results too)
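
One test such a scanner could run for the click-jacking case, written here as an added example (it is not the author's code or taken from the scanner): it grades a response's anti-framing headers and returns a score with findings. The function names, the 0/80/100 weights and the sample headers are assumptions, and a single CSP policy per response is assumed.

```python
# Added example: passive click-jacking header check over constructed responses.
BROAD = {"*", "http:", "https:"}  # sources that let any site frame the page


def frame_ancestors(csp):
    """Return the frame-ancestors source list from a CSP value, or None."""
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            return [p.lower() for p in parts[1:]]
    return None


def clickjacking_check(headers):
    """Grade anti-framing headers; returns (score, findings). Weights are illustrative."""
    h = {k.lower(): v for k, v in headers.items()}
    xfo = h.get("x-frame-options", "").strip().upper()
    fa = frame_ancestors(h.get("content-security-policy", ""))
    if fa is not None:
        # Browsers that enforce frame-ancestors ignore X-Frame-Options,
        # so a permissive CSP cancels out an otherwise good XFO header.
        broad = sorted(BROAD.intersection(fa))
        if broad:
            return 0, [f"frame-ancestors allows any origin via {broad}"]
        return 100, []
    if xfo in ("DENY", "SAMEORIGIN"):
        return 80, ["X-Frame-Options only; add CSP frame-ancestors"]
    if xfo:
        # e.g. ALLOW-FROM, which current browsers do not enforce
        return 0, [f"X-Frame-Options {xfo!r} is not enforced by current browsers"]
    return 0, ["no anti-framing header: page can be embedded by any site"]


# Constructed sample responses (not captured from any real site).
SAMPLES = {
    "csp-none": {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'"},
    "xfo-only": {"X-Frame-Options": "DENY"},
    "csp-overrides-xfo": {"X-Frame-Options": "DENY",
                          "Content-Security-Policy": "frame-ancestors *"},
    "obsolete-xfo": {"X-Frame-Options": "ALLOW-FROM https://example.com"},
    "missing": {"Content-Type": "text/html"},
}

if __name__ == "__main__":
    for name, hdrs in SAMPLES.items():
        score, findings = clickjacking_check(hdrs)
        print(f"{name:18} {score:3}  {'; '.join(findings) or 'ok'}")
```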