Verifiedapp Blog
Vibe Coding

I shipped an app with AI in a weekend — here is what the scanner found

· 2 min read
#ai-generated-code#case-study#secrets#vibe-coding

The setup

We wanted to feel what a normal person ships today, so we did exactly that: described a small SaaS-ish app to an AI builder, accepted most of what it generated, wired in payments, and deployed. No security review, because that is the whole point — almost nobody does one. Then we pointed a scanner at the live URL.

Here is the honest result, finding by finding.

Finding 1: a payment key in the frontend

The checkout worked beautifully. It also referenced a Stripe key in client-side code, which means it shipped inside the JavaScript bundle. The AI solved make checkout work, not keep the key server-side — because we never asked for the second thing. Fix: move the call behind a server endpoint, then rotate the key, because anything that was public should be treated as already leaked.

Finding 2: a published source map

The build helpfully produced .js.map files and deployed them. Anyone could open dev tools and read our original, un-minified source — structure, comments, the lot. Fix: stop shipping source maps to production, or upload them privately to the error tracker and delete them from the deploy.

Finding 3: a Content-Security-Policy full of holes

There was a CSP, which felt reassuring, but it allowed unsafe-inline in script-src — which quietly defeats it against the most common cross-site-scripting payloads. This is the single most common real-world CSP state, because frameworks lean on inline scripts. Fix: move to nonce-based scripts and drop unsafe-inline, rolled out in report-only mode first.

Finding 4: an insecure session cookie

The login cookie had no HttpOnly, so any injected script could read it, and no SameSite, leaving it open to cross-site request forgery. A stolen session cookie is a logged-in attacker. Fix: set HttpOnly, Secure and SameSite on the session cookie — a one-line change.

Finding 5: a leftover localhost URL

Buried in the bundle was a reference to a localhost API from development. Harmless to reach, but it leaks internal structure — service names, ports, the shape of the API. Fix: strip internal and development URLs in the build step, not by hand.

The takeaway

Nothing here was a clever exploit. It was five boring, predictable leaks that an AI builder produces because security was never in the prompt — and that an automated scan catches in minutes. The lesson is not do not use AI to ship. It is look before you do: scan the thing you just deployed, fix the obvious five, and you have closed the doors that get found first. Run your own app and see your version of this list.

Related reading

FAQ

Are these findings realistic for an AI-built app?
Yes — they are the common ones. A key in the bundle, a published source map, a permissive CSP and insecure cookies show up again and again across AI-generated apps, because the generator optimizes for the feature you asked for, not the security you did not.
If I find a leaked key, is rotating it enough?
Rotate it and assume the old one is compromised. If a secret was reachable in your frontend, treat it as already harvested by automated bots, revoke it, and check the service logs for unexpected use.
Do I have to understand security to fix these?
Not deeply. Each of these five is a known fix — move the key server-side, drop source maps, tighten the CSP and cookie flags, strip internal URLs. A good report tells you which applies and how.

Keep reading