vibe-code-audit

Security audit skill for vibe-coded applications. Checks for the 10 most common vibe-coding vulnerabilities: exposed API keys in frontend code, missing Row Level Security, no rate limiting, no input sanitization, hardcoded secrets, missing CORS configuration, no authentication on write endpoints, unescaped user input in database queries, missing HTTP security headers, and no activity logging. Returns a scored report with pass/fail for each check and remediation steps. Built from lessons learned from the Moltbook security disaster.