Stop shipping security holes in your vibe coded apps
๐ฌ๐ผ๐๐ฟ ๐๐ถ๐ฏ๐ฒ-๐ฐ๐ผ๐ฑ๐ฒ๐ฑ ๐ฎ๐ฝ๐ฝ ๐บ๐ถ๐ด๐ต๐ ๐น๐ผ๐ผ๐ธ ๐ด๐ฟ๐ฒ๐ฎ๐โฆ ๐ฏ๐๐ ๐ถ๐ ๐ถ๐ ๐ต๐ฎ๐ฐ๐ธ๐ฎ๐ฏ๐น๐ฒ? ๐จ
Most AI-generated apps look polished on the surface.
Behind the scenes? Leaked secrets, missing auth, and exposed user data.
Thatโs why Adam Balogun built Yikes: a security scanner made specifically for indie hackers shipping with Next.js + Supabase.
๐๐ผ๐ ๐ถ๐ ๐๐ผ๐ฟ๐ธ๐
1๏ธโฃ Paste your GitHub repo URL
2๏ธโฃ Yikes runs 18+ security checks
3๏ธโฃ Get plain-English findings with copy/paste fix code
No CVE reports.
No security expertise needed.
Under 60 seconds.
๐ช๐ต๐ฎ๐ ๐ถ๐ ๐ฐ๐ฎ๐๐ฐ๐ต๐ฒ๐
โ
NEXT_PUBLIC_ secrets exposing your entire database
โ
Supabase RLS disabled, users reading each other's data
โ
API routes with zero auth
โ
SQL injection, XSS, missing rate limits
โ
And more
๐ฃ๐ฟ๐ถ๐ฐ๐ถ๐ป๐ด
๐ Free: 5 scans/day, enough to check your main project
โก Pro ($19.99 one-time): Unlimited scans + deeper checks for auth flaws & cloud misconfigs + private repo scanning
๐ง Pro + Fix ($49.99): I personally review your code and open a PR with every fix within 48 hours
๐ Monthly ($5/mo): Unlimited scans, PDF reports, new rules added monthly
If you're building fast, security shouldn't be an afterthought.
Paste your repo.
See what's exposed.
Fix it before someone else finds it ๐
๐ https://yikes-security.vercel.app/
