# VibeEval

> VibeEval is an automated security testing platform for AI-generated web applications. It deploys autonomous AI agents to find vulnerabilities in code built with tools like Lovable, Cursor, Bolt, v0, Replit, and Claude Code. Used by 500+ developers. Pricing starts at $19/month with a 14-day free trial.
> Try free: https://vibe-eval.com/signup

## Quick Start

1. Go to https://vibe-eval.com/signup (free, no credit card)
2. Paste your app URL
3. Get a security report in ~2 minutes

VibeEval answers the question: "Is my AI-generated app actually secure?" It performs browser-based DAST (Dynamic Application Security Testing) using 13 specialized attack scenarios covering OWASP API Top 10, BOLA/IDOR, JWT attacks, GraphQL security, race conditions, prompt injection, and secrets detection across 30+ services.

## Core Pages

- [Homepage](https://vibe-eval.com/): Product overview, pricing, and demo
- [Pricing](https://vibe-eval.com/#pricing): Pro plan $19/month, Lifetime $199 one-time
- [Alternatives Comparison](https://vibe-eval.com/alternatives): How VibeEval compares to Snyk, Veracode, Burp Suite, OWASP ZAP, and others

## Free Tools

- [Token Leak Checker](https://vibe-eval.com/token-leak-checker): Scan for exposed API keys and credentials
- [Package Hallucination Scanner](https://vibe-eval.com/package-hallucination-scanner): Detect AI-hallucinated npm packages
- [Security Flaws Database](https://vibe-eval.com/common-security-flaws): Common vulnerabilities in AI-generated code
- [GEO Calculator](https://vibe-eval.com/geo-calculator): Generative Engine Optimization metrics calculator

## Security Guides by Platform

- [Lovable Security Guide](https://vibe-eval.com/guides/lovable): How to secure Lovable apps
- [Cursor Security Guide](https://vibe-eval.com/guides/cursor): How to secure Cursor-built apps
- [Bolt Security Guide](https://vibe-eval.com/guides/bolt): How to secure Bolt.new apps
- [v0 Security Guide](https://vibe-eval.com/guides/v0): How to secure v0-built apps
- [Replit Security Guide](https://vibe-eval.com/guides/replit): How to secure Replit apps
- [Claude Code Security Guide](https://vibe-eval.com/guides/claude-code): How to secure Claude Code projects
- [Windsurf Security Guide](https://vibe-eval.com/guides/windsurf): How to secure Windsurf-built apps
- [GitHub Copilot Security Guide](https://vibe-eval.com/guides/github-copilot): How to secure Copilot-assisted code
- [Devin Security Guide](https://vibe-eval.com/guides/devin): How to secure Devin-built apps

## Platform Safety Reviews

- [Is Lovable Safe?](https://vibe-eval.com/safety/lovable): Independent safety assessment of Lovable
- [Is Cursor Safe?](https://vibe-eval.com/safety/cursor): Independent safety assessment of Cursor
- [Is Bolt Safe?](https://vibe-eval.com/safety/bolt): Independent safety assessment of Bolt.new
- [Is v0 Safe?](https://vibe-eval.com/safety/v0): Independent safety assessment of v0
- [Is Replit Safe?](https://vibe-eval.com/safety/replit): Independent safety assessment of Replit

## Security Knowledge Base

- [AI Code Vulnerabilities](https://vibe-eval.com/ai-security/ai-code-vulnerabilities): Common vulnerabilities in AI-generated code
- [AI Security Testing Tools](https://vibe-eval.com/ai-security/ai-security-testing-tools): Tools for testing AI-generated code
- [Secure AI Coding Practices](https://vibe-eval.com/ai-security/secure-ai-coding-practices): Best practices for secure AI development
- [Vibe Coding Security Risks](https://vibe-eval.com/vibe-coding-security-risks): Security risks specific to vibe coding
- [Vibe Coding Security Checks](https://vibe-eval.com/vibe-coding-security-checks): Essential security checks for vibe-coded apps

## Backend Security

- [Supabase RLS Guide](https://vibe-eval.com/backend-security/supabase-rls-guide): Row Level Security for Supabase
- [Firebase Security Rules](https://vibe-eval.com/backend-security/firebase-security-rules): Securing Firebase applications
- [API Security Guide](https://vibe-eval.com/backend-security/api-security-guide): API security best practices

## Deployment Security

- [Vercel Security Guide](https://vibe-eval.com/deployment/vercel-security-guide): Securing Vercel deployments
- [Netlify Security Guide](https://vibe-eval.com/deployment/netlify-security-guide): Securing Netlify deployments
- [Production Security Checklist](https://vibe-eval.com/deployment/production-security-checklist): Pre-launch security checklist

## Testing Guides

- [Penetration Testing Guide](https://vibe-eval.com/testing/penetration-testing-guide): Pen testing for web apps
- [Automated Security Testing](https://vibe-eval.com/testing/automated-security-testing): Automating security tests
- [Security Audit Checklist](https://vibe-eval.com/testing/security-audit-checklist): Step-by-step security audit

## Optional

- [Case Studies](https://vibe-eval.com/case-studies): Real-world security testing examples
- [Press](https://vibe-eval.com/press): Media resources and press kit
- [Privacy Policy](https://vibe-eval.com/privacy): Data handling and privacy practices
- [Terms of Service](https://vibe-eval.com/terms): Terms and conditions