Show HN: OWASP Scanner for Vibe Coded Apps

2•h_jain•9mo ago

Hey HN,

We just launched an early version of Circuit — a lightweight tool that helps vibe coders, citizen developers, and indie hackers run fast security scans focused on the OWASP Top 10 vulnerabilities and get practical fixes.

The problem we noticed: A lot of projects being built in no-code/low-code environments (Replit, Lovable, V0, Bubble, etc.) ship quickly but rarely get security reviewed. Even small apps often expose APIs, misconfigure auth, or leak secrets without realizing it.

With Circuit, you can: • Submit your app URL • Get a security report checking OWASP Top 10 vulnerabilities • Get suggested fixes for the issues found (not just a scary list)

We’re aiming to make security reviews fast and accessible for solo developers and small teams — without needing to be a security expert.

Right now: • It’s free while we’re in early stages • Feedback reports are emailed manually after scanning • You can see a sample report to know what to expect

Try it here: https://circuit.sh/

Comments

aniagent•9mo ago

Was looking for this exact thing, very interesting project.

alp1n3_eth•9mo ago

What are you using on the backend to actually scan it? Is it just ZAP / Burp Scanner? Or are you scanning the code itself, and just using a Semgrep / Snyk approach?

The landing page being free-tier Framer is a little sketch, the main contact should also probably be a form or an email address instead of a non-US phone number.

Is AI used throughout the entire process or just mainly focused on providing remedation recommendations based on the output of other tooling (scanners, JS analysis, secret scanning, etc.)?

Interesting project! Looking forward to see how it works and evolves.

Slint: Cross Platform UI Library

AI and Education: Generative AI and the Future of Critical Thinking

Maple Mono: Smooth your coding flow

Moltbook isn't real but it can still hurt you

Take Back the Em Dash–and Your Voice

Show HN: 289x speedup over MLP using Spectral Graphs

Teaching Mathematics

3D Printed Microfluidic Multiplexing [video]

Abstractions Are in the Eye of the Beholder

Show HN: Routed Attention – 75-99% savings by routing between O(N) and O(N²)

We didn't ask for this internet – Ezra Klein show [video]

The Real AI Talent War Is for Plumbers and Electricians

Show HN: MimiClaw, OpenClaw(Clawdbot)on $5 Chips

I Maintain My Blog in the Age of Agents

The Fall of the Nerds

I'm 15 and built a free tool for reading Greek/Latin texts. Would love feedback

How close is AI to taking my job?

You are the reason I am not reviewing this PR

Show HN: FamilyMemories.video – Turn static old photos into 5s AI videos

How Meta Made Linux a Planet-Scale Load Balancer

A Turing Test for AI Coding

How to Identify and Eliminate Unused AWS Resources

A2CDVI – HDMI output from from the Apple IIc's digital video output connector

CLI for Common Playwright Actions

Would you use an e-commerce platform that shares transaction fees with users?

Show HN: SafeClaw – a way to manage multiple Claude Code instances in containers

The Future of the Global Open-Source AI Ecosystem: From DeepSeek to AI+

The Evolution of the Interface

Azure: Virtual network routing appliance overview

Seedance2 – multi-shot AI video generation