// guides & resources

Security guides for AI-built apps

Plain-language guides to the security problems AI coding tools commonly leave behind, and how to fix them. No jargon, no security background needed.

• How to Tell if Your AI-Built App Is Leaking Secrets

  AI coding tools love to make things work fast, and sometimes that means putting a secret key right in your front-end. Here is how to find out if yours did.

  6 min read

• I Found an Exposed Stripe Key. What Do I Do?

  An exposed Stripe key can mean fraudulent charges and refunds in your name. Here is exactly what to do, in order, starting with the most urgent step.

  5 min read

• How to Secure a Supabase App: The Mistakes AI Tools Make

  Supabase is great, but AI tools often leave it wide open. The good news: the fixes are simple once you know what to look for.

  7 min read

• Why Your AI Endpoint Is Running Up Your Bill (and How to Lock It Down)

  If your app has an AI feature, it probably has an endpoint that calls the model. If that endpoint does not check who is calling, the whole internet can use it on your card.

  6 min read

• Security Checklist Before You Launch a Vibe-Coded App

  Shipping soon? Run through this list first. It covers the issues AI coding tools most often leave behind, in the order they matter.

  8 min read