If posts like these are not allowed on here, then please forgive me mods. I have been lurking on this page for some time now, and know that many people on here building apps with use of AI tools (Claude/Lovable/Cursor, etc.). I have just seen many of the same security issues within the apps that I have audited thus far, and figured that a quick PSA styled post would be unequivocally beneficial :) That said, I have been auditing apps built with AI tools such as Cursor/Bolt/Lovable for quite some time now, and I have always noticed that the same security issues keep coming up in various different domains. With respect to AI generated code more broadly, regardless of the platform or medium that you choose to utilize in your vibe coding journey, I have noticed across the board that many of the exact same issues keep popping up all around. Citing what I have personally rendered from all of this, here is the exact checklist that I have distilled down and run myself on every build that I have encountered. This whole sequence takes ~30 to pull off end to end, and doesn't require any fancy tooling or deep technical knowledge; most of this is extremely rudimentary, yet high ROI all around. Security headers check: ~2 min (securityheaders.com) This check is one that is fairly straight forward to pull off, all you need is your live site link and access to the above URL. Running the check, what you are looking for is any grade above B; anything less than this from a security standpoint is a huge issue. In this case, improperly implemented headers mean that you are leaving your app open to a whole slew of possible exploits that simply do not need to happen; things such as clickjacking, content injection and cross site scripting attacks all become radically easier to pull off without any headers present to pose as a resistance layer. The fix here is most always a simple one line patch in your config, and given the risk that improperly configured headers pose, this is quite possibly one of the simplest yet high ROI patches that you could implement to galvanize your apps security. In my experience, missing X-Frame-Options and CSP headers seem to be the two most frequently overlooked in AI output.

What you deployed - scheduled dental client leads workflow, pushed to github and deployed on trigger.dev #AISChallenge

Most startups begin with WordPress, and it works well for the initial launch. However, scalable platforms often hit a performance ceiling. But Vettedge.domains reached a point where plugins and templates were holding the product back: 1) Slow load times 2) Generic design 3) Limited flexibility for marketplace logic The team needed a faster, more scalable foundation. My co-founder Imran and I rebuilt the platform from scratch using: Next.js & React for speed and performance Tailwind CSS for a fully custom, brand-specific UI Server-side rendering to improve SEO and indexability The result is a marketplace that loads instantly, feels premium, and is built to scale as the business grows. Sometimes, drag-and-drop tools are enough — until they aren’t. Video Demo 👇 https://lnkd.in/dKaSZGMf If your MVP is outgrowing its current setup, happy to chat. We’re opening 1 slot this month.

Starting tomorrow, I’m launching a public build journey. Goal: build and sell AI automation products/services to clients globally — and document everything openly inside this community. What I’ll be sharing: - AI automations I build - outreach experiments - client acquisition attempts - wins + failures - tools/workflows that actually work - pricing lessons - delivery systems - real-world use cases for businesses I’m not pretending to be a “guru.”I’m starting with execution first and learning publicly. The focus is simple:Build useful AI systems that save businesses time, reduce manual work, or generate revenue. Initial areas I’m exploring: - AI chatbots - lead generation automations - workflow automation - AI content systems - CRM/process automation - internal business assistants I’ll post updates consistently starting tomorrow. If anyone here is already building in this space, I’d genuinely love to connect, exchange ideas, and learn from people actually doing the work. Let’s see where this goes

Let's get to know each other! Comment below sharing where you are in the world, a career goal you have, and something you like to do for fun. 😊