/ return / operator

Welcome back.

sample report

Example

What a scan looks like.

Not your account — this is a preview of what VibeCheck reports against a typical vibe-coded app. Sign in to scan your own repo.

[00:00] cloning repo → github.com/acme/todo-app
[00:01] scanning 47 files...
[00:02] rule:exposed-api-key                ──  FAIL  (critical)
         └─ src/pages/api/chat.ts:12
            const key = "sk-proj-8f3c...";
[00:02] rule:supabase-service-role-client   ──  FAIL  (critical)
         └─ lib/supabase.ts uses service-role key client-side
[00:03] rule:permissive-cors                ──  FAIL  (high)
         └─ next.config.ts allow-origin → wildcard
[00:03] rule:dangerously-set-inner-html     ──  OK
[00:03] rule:sql-injection-concat           ──  OK
[00:03] rule:missing-csp                    ──  OK
[00:04] analysis complete → 3 issues
[00:04] badge: ❌  (resolve 2 critical, 1 high to pass)