VIBE CODED.
VIBE HARDENED.®
One command. No config. A security scanner that understands v0, Lovable, Bolt, Cursor, Claude Code, Replit Agent, Windsurf — and what each of them tends to get wrong.
npx vibe-hardening scan● 41 NEW CRIT
● 128 NEW HIGH
● 214 FIXED
DRIZZLE · CONVEX · VERCEL · NETLIFY
might look the same.
AI-aware rules
Trained on 4,200 shipped vibe-coded apps. Knows what a v0 export, a Cursor loop, a Lovable scaffold each tend to miss — and won't complain about what they get right.
Platform fingerprint
Detects Next.js, Supabase, tRPC, Prisma, Drizzle, Convex, Vercel, Netlify. Runs only the rules that apply to your stack, so scans stay under 5 seconds on average repos.
Live secret verification
Finds candidate keys in your git history, probes their provider endpoints, and tells you which ones are still live. Not a grep — a phone call.
"Ran it on a client project after a Cursor session. Six criticals. Fixed before the demo call."
"The only scanner that understands NEXT_PUBLIC_* is a liability, not a feature."
"It flagged a hallucinated package my agent installed. I did not know that was a category."
Free, forever.
Scan any repo. Unlimited runs. Runs locally, data never leaves your machine.
npx vibe-hardening scanPer-commit, per-deploy.
Dashboard, GitHub checks, Slack alerts on new criticals, scheduled rescans. $29 / project / mo.
Join waitlist →SHIP
HARDENED.
One email on launch day, 2026-05-13, 14:00 UTC. No marketing.