LockurBlock Digital News & Media Platform


Read this before you vibe-code another app

Jun 23, 2026  Twila Rosenbaum

The promise of vibe-coding is seductive: anyone can create a custom application using natural language and AI agents, no formal coding skills required. But with this ease of creation comes a hidden cost — security. As more people turn to tools like Claude Code, ChatGPT, or OpenAI's Codex to build everything from personal utilities to business tools, a wave of vulnerabilities is emerging, threatening to expose sensitive data and undermine trust in the entire approach.

Real-world examples of security failures

Bob Starr, a tech project manager, launched “Boomberg,” a website that tracks US tax money going to tech companies. Months later, he discovered a hidden SQL injection risk that could allow attackers to read or alter database contents. Starr admitted it was a complete blind spot in his understanding of the new technology. His story is far from unique.

Jer Crane, founder of PocketOS, posted on social media that an AI coding agent wiped out his company’s entire production database. Joe Procopio, a serial entrepreneur, built a web app to privately show demos of other apps. Hackers found it, forcing him to revert to old-fashioned local demos over Zoom.

In a high-profile case, developer Matt Schlicht launched Moltbook, a social network built entirely without writing a single line of code. Within days, security researchers at Wiz found the app's production database wide open, exposing tens of thousands of email addresses and private messages. Patches were applied, but the damage to user privacy was already done.

Bulk security research reveals a pattern

Researchers at Red Access scanned popular vibe-coding platforms and discovered roughly 5,000 publicly accessible apps with no authentication at all. Nearly 2,000 of those appeared to be leaking sensitive data — medical records, financial information, strategy documents, and even chat logs. This suggests that the problem is systemic and growing faster than the community can address it.

Expert perspectives on the risks

Gabriel Bernadett-Shapiro, distinguished AI research scientist at SentinelOne, stresses that vibe-coding itself isn't bad. The danger comes when a personal app drifts into business territory and starts handling shared, hosted data without anyone realizing the shift. Apps that track migraines or package deliveries are one thing. But once an app touches customer logs, medical data, or internal documents, the standard must change. “Those need to be held to a different standard,” he says.

Jack Cable, CEO of Corridor, a security platform for AI-native development, agrees. He advises that vibe-coding is fine for low-risk projects like prototypes or fitness trackers. But anything on the public internet — especially if it stores other people's data — deserves careful scrutiny. “Think through what the threat model looks like, and if you're not sure if something you're doing is secure, better safe than sorry,” Cable says.

The overconfidence trap

One of the most insidious aspects of vibe-coding is overconfidence. AI tools often assure users that the generated code is secure. Many take this at face value without verifying. In a typical vibe-coding session, no automatic security check runs unless explicitly requested. While Claude Code has a /security-review command, it must be invoked. OpenAI's Codex includes a built-in security agent that scans commits, but it's designed for developers using real version-control workflows — not for novices chatting an app into existence.

Experts emphasize that you must prompt for security both at the beginning and at the end of the build process. “A lot of security is contextual,” Cable explains. A coding agent cannot understand your specific threat model unless you tell it. Relying on the agent's own review can create a false sense of security.

The authentication gap

Bernadett-Shapiro's biggest concern is not buggy code but missing authentication. Many people transition an app that runs fine locally into the cloud with configuration options they don't fully understand. The result is a publicly accessible endpoint with no login required — like leaving a box of secrets open on the sidewalk. This failure accounts for the majority of data leaks found by researchers.

To mitigate this, users should run security reviews after every change, use local testing before deploying, and think carefully about what data the app will store. Jeff Rothblum, a government affairs specialist who vibe-coded a tool for lobbying data entry, exemplifies good practices. He runs regular security reviews in Claude, keeps user data local, and is building toward stricter retention safeguards. He plans to pay a professional security engineer if the app ever handles more sensitive data.
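The local-to-public drift described above can be made to fail closed. The following is an added example, not code from the article or from any tool it names: a small Python WSGI sketch that serves without a login only on a loopback address and refuses to start on any other interface unless a token is configured. The names APP_HOST, APP_TOKEN, notes_app and probe are assumptions made for the illustration.

```python
import hmac
import ipaddress
import os
from wsgiref.simple_server import make_server

def is_loopback(host: str) -> bool:
    """True only for addresses reachable from this machine alone."""
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # unknown hostname: assume it may be public

def check_bind(host: str, token: str) -> None:
    """Refuse to start on a public interface when no token is configured."""
    if not is_loopback(host) and not token:
        raise RuntimeError(f"refusing to listen on {host} without APP_TOKEN set")

def require_token(app, token: str):
    """WSGI middleware: every request needs 'Authorization: Bearer <token>'."""
    expected = ("Bearer " + token).encode()
    def guarded(environ, start_response):
        supplied = environ.get("HTTP_AUTHORIZATION", "").encode()
        # An empty configured token never authenticates anyone (fail closed).
        if not token or not hmac.compare_digest(supplied, expected):
            start_response("401 Unauthorized", [("WWW-Authenticate", "Bearer"),
                                                ("Content-Type", "text/plain")])
            return [b"authentication required\n"]
        return app(environ, start_response)
    return guarded

def notes_app(environ, start_response):
    """Stand-in for the vibe-coded app (constructed sample)."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"private notes\n"]

def probe(app, auth: str = "") -> int:
    """Call the app in-process, as an anonymous or authenticated client."""
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": "/", "HTTP_AUTHORIZATION": auth}
    seen = []
    list(app(environ, lambda status, headers: seen.append(status)))
    return int(seen[0].split()[0])

if __name__ == "__main__":
    host, token = os.environ.get("APP_HOST", "127.0.0.1"), os.environ.get("APP_TOKEN", "")  # assumed names
    check_bind(host, token)
    app = require_token(notes_app, token) if token else notes_app
    make_server(host, 8000, app).serve_forever()
```

Calling probe() on the wrapped app before each deploy gives a quick check that an anonymous request is answered with 401 rather than data.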

The future of secure vibe-coding

Some scaffolding is emerging. OWASP has published an AI security verification standard. Firms like Trail of Bits have released “skills” — instruction packs that point coding agents at specific security tasks like flagging insecure defaults or hardcoded passwords. However, these skills must be triggered manually and can be difficult to keep updated. Worse, malicious skills exist. In February, 1Password's Jason Meller found that the most downloaded skill on a popular registry directed users to install a malicious dependency.

For organizations, the challenge is even greater. Engineers and sales teams at large companies are shipping far more agent-written code than before. Security teams need visibility into how agents are used and guardrails that get enforced automatically. Cable believes the models themselves are increasingly built on memory-safe stacks that eliminate entire classes of vulnerabilities, so there is reason for optimism — but only if we treat security as a first-class concern from day one.

For individuals, the guidelines are simple: keep the app local if possible, avoid storing sensitive data in the cloud, and prompt for security at every stage. Vibe-code the app of your dreams, but think through what data it holds and what could go wrong. Run code reviews after each change, pay close attention before moving from local to public, and never assume the AI has your back. That is the difference between a fun project and a security nightmare.


Source: The Verge News

