VibeLeak docs
Find what attackers check first. VibeLeak scans HTTPS, headers, exposure, and trust signals in seconds — and tells you exactly how to fix what it finds.
Core scanner
Live
5 scans per day on the free tier
Export format
Markdown
Limited-time free launch access when signed in
Trust loop
Recheck
Fix, scan again, confirm the lift
What you can do
Scan any website
Drop in a URL and get a structured trust read in seconds. No account required for the free scanner.
Fix with confidence
Every finding comes with a specific, prioritized fix — not just a warning label.
Track your progress
Recheck after fixes and watch the grade move. Build a release cadence around it.
See what ships next
Signed-in users open the dashboard roadmap to heart-vote planned and in-progress work. The scanner stays focused on findings, not product planning.
How it works
Submit a URL
Enter any domain. The scanner runs across transport, headers, exposure, and trust signals.
Receive a structured score
Get a grade plus categorized findings, each with evidence and a recommended fix.
Fix the top items
Work through findings in priority order. High and critical first.
Recheck
Run the same URL again to verify the grade moved and the blockers are cleared.
AIGuard
AIGuard detects AI provider API keys exposed in a site's HTML source. It runs passively — it reads what the scanner fetches, not what executes in a browser. Keys found in page source are high-signal: they indicate the key is in client-accessible code, exposed to anyone who views source.
Note: dynamically-loaded JS bundles (loaded at runtime, not present in the initial HTML) are not scanned by AIGuard. Dedicated JS bundle scanning tools should be used for deeper analysis.
What it detects
Provider endpoint references
AIGuard detects when page HTML references known AI provider endpoints (e.g. api.openai.com). This is informational — it confirms direct client-side use of an AI service and should be reviewed alongside auth, proxying, and key handling. Same-origin bundle scanning can be enabled for deeper secret checks; active AI endpoint probing is not enabled by default.
What AIGuard does not detect
- Keys without known provider prefixes (generic API keys, JWTs)
- Keys in Web Workers, service workers, cross-origin bundles, or dynamically-loaded JS not referenced in the initial HTML
- Whether a key is used in development vs. production
- Keys behind authentication on internal tools
- Active probing of AI service endpoints or cloud infrastructure
CloudLeak
CloudLeak detects Firebase Realtime Database and Supabase REST API references, then probes whether those endpoints are accessible without authentication. It also scans delivered HTML and same-origin JavaScript for public cloud storage URLs across Supabase Storage, Firebase Storage, S3, Google Cloud Storage, and Azure Blob.
Misconfigured cloud backends are a common source of data breaches. Storage URL findings are conservative: visible bucket URLs are treated as review signals, while public listing probes are raised when a safe unauthenticated metadata/listing endpoint confirms exposure.
What it detects
What CloudLeak does not detect
- Buckets that are private and never referenced by browser-visible code
- Object contents behind signed URLs, authentication, or unreferenced internal paths
- Authentication bypass vulnerabilities
- Sensitivity of data — any accessible DB triggers, regardless of content
- Rate-limit-induced false negatives
Remediation
For Firebase and Supabase databases: enforce auth and RLS/security rules. For storage: separate public assets from user/private files, disable bucket listing, use signed URLs for private objects, and audit any bucket referenced in client code.
DataLeak
DataLeak looks for the passive public-surface version of API overfetch: same-origin JSON endpoints referenced in delivered HTML or same-origin JavaScript that return private-looking fields without authentication.
This targets the pattern where the backend sends too much data and the frontend merely hides it. Probes are capped, GET-only, same-origin, and skip auth, checkout, upload, webhook, and destructive-looking paths.
What DataLeak does not detect
- Authenticated-only APIs that require a real user session
- IDOR bugs where Account A can read Account B only after supplying account-specific IDs
- Endpoints built dynamically at runtime and not visible in initial HTML or same-origin bundles
Owner-verified IDOR scan
Owner-verified IDOR scanning is separate from the normal public scan. A signed-in owner can submit two test account sessions and a small list of same-site JSON paths; VibeLeak compares Account A and Account B responses for cross-account markers, shared private-looking payloads, messages, drafts, profiles, roles, and account data.
Supplied headers are used only for the live request and are not stored. The API requires explicit owner confirmation and blocks internal/private targets with the same SSRF protections used by the public scanner.
API preview
Use POST /api/owner-idor-scan with owner_confirmation: true, target_url, up to 10 relative paths, and two account header sets. For stronger confirmation, include account-specific marker strings such as test-user emails or unique draft text.
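The comparison step of the owner-verified scan, as an added example rather than VibeLeak's own code: both test accounts request the same same-site JSON path, and the verdict flags Account A's markers appearing in Account B's response, or an identical private-looking payload served to both sessions. The list of private-looking field names and the sample responses are constructed assumptions.

```typescript
// Added example (not VibeLeak's own code): the comparison step behind the
// owner-verified IDOR scan. Both test accounts request the same same-site
// JSON path; the verdict flags Account A's markers showing up in Account B's
// response, or an identical private-looking payload served to both sessions.
interface AccountProbe { markers: string[]; body: string }
interface PathVerdict {
  path: string;
  crossAccountMarkers: string[]; // A's marker strings found in B's body
  sharedPrivatePayload: boolean; // identical body with private-looking fields
  leak: boolean;
}

// Field names treated as private-looking (the docs list messages, drafts,
// profiles, roles and account data); this exact list is an assumption.
const PRIVATE_KEYS = ["email", "messages", "drafts", "profile", "role", "account"];

function hasPrivateKeys(json: string): boolean {
  let parsed: unknown;
  try { parsed = JSON.parse(json); } catch (e) { return false; }
  let found = false;
  const walk = function (v: unknown): void {
    if (found || v === null || typeof v !== "object") return;
    if (Array.isArray(v)) { v.forEach(walk); return; }
    Object.keys(v as object).forEach(function (k) {
      if (PRIVATE_KEYS.indexOf(k.toLowerCase()) >= 0) found = true;
      walk((v as Record<string, unknown>)[k]);
    });
  };
  walk(parsed);
  return found;
}

function comparePath(path: string, a: AccountProbe, b: AccountProbe): PathVerdict {
  // Markers are account-specific strings the owner supplied (test-user emails,
  // unique draft text); B's own markers never count as a leak.
  const crossAccountMarkers = a.markers.filter(function (m) {
    return b.markers.indexOf(m) < 0 && b.body.indexOf(m) >= 0;
  });
  const sharedPrivatePayload = a.body === b.body && hasPrivateKeys(a.body);
  return { path, crossAccountMarkers, sharedPrivatePayload,
           leak: crossAccountMarkers.length > 0 || sharedPrivatePayload };
}

// Constructed sample responses: B's drafts listing includes A's draft text.
const accountA: AccountProbe = {
  markers: ["a-tester@example.com", "draft-marker-AAA"],
  body: '{"email":"a-tester@example.com","drafts":[{"text":"draft-marker-AAA"}]}',
};
const accountB: AccountProbe = {
  markers: ["b-tester@example.com", "draft-marker-BBB"],
  body: '{"email":"b-tester@example.com","drafts":[{"text":"draft-marker-BBB"},{"text":"draft-marker-AAA"}]}',
};

function sampleVerdict(): PathVerdict { return comparePath("/api/me/drafts", accountA, accountB); }
```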
ThreatSurface
ThreatSurface runs four parallel passive-surface probes that test for common runtime and configuration exposures. All checks run simultaneously and complete in a single scan pass.
These checks focus on signals that are directly visible in HTTP responses and headers — no authentication, no JS execution, no internal access.
What it checks
What ThreatSurface does not detect
- Whether auth endpoints actually enforce rate-limits server-side (only checks response signals)
- Open redirects that require JavaScript execution or session state
- Error disclosure behind authenticated routes
- Server-side request forgery (SSRF) — redirect probes follow zero hops
VibeSignal (AI Signal Score)
VibeSignal is a parallel score to the trust grade. It answers whether AI crawlers, answer engines, and autonomous agents can find, read, and use your public site — using only passive signals visible without authentication.
The headline is a 0–100 score with a status label (Strong, Partial, or Weak signal). Five category rows each cap at 20 points: Discoverability, Content Access, Bot Access, Protocol Discovery, and Commerce Readiness. Detailed items appear as findings in the AI Signals view inside findings review.
Compatibility
- API field: vibeSignal is primary; agentReadiness is a deprecated alias when present.
- Stored scans may still use legacy DB columns agent_readiness_score and agent_readiness_data; the app maps them at read time.
- Finding categories: ai-signal and legacy agent-readiness are both shown as AI Signals in the UI.
Markdown reference
A longer-form reference for operators lives in docs/vibesignal.md in the repository.
Severity model
Each finding is tagged with a severity level that determines how it affects the overall grade and urgency of the fix.
Remediation steps
Every finding includes a specific recommended fix. The fastest-lift items are surfaced first. Without signing in, the live scanner shows a preview of issues; full remediation text, export, and score watch require an account.
- HTTPS enforcement via TLS certificate
- Security header coverage (CSP, X-Frame-Options, HSTS)
- Exposure pattern mitigation
- Trust signal alignment
The recheck loop
The recheck is the payoff. Run the same URL after applying fixes to confirm score movement and track momentum.
When you are signed in, you can also use the Monitored domains area on the dashboard: enable score watch on a full trust scan (letter grade), run Recheck now for an on-demand rescan, or let scheduled rescans update grades. If email delivery is enabled for VibeLeak, grade-change alerts are sent from our notification system.
Tip
Build a recheck into your release checklist. Scan before → fix → scan after → confirm the grade moved.
Architecture overview
Is VibeLeak safe to use?
Yes. The normal VibeLeak scan is a passive public-surface check. It requests public HTTP(S) resources and reads visible signals like TLS state, redirects, headers, cookies, DNS, public files, and AI-facing metadata. It does not log into the target site, does not ask for target credentials, and blocks localhost, private networks, cloud metadata hosts, and private-address redirects.
What VibeLeak stores
Scan URL/domain, timestamps, grade, findings, evidence summaries, account ownership, export/watch state, and the product metadata needed to save, recheck, and operate the report.
What VibeLeak does not store
Full target page content, target user data, target cookies, target sessions, or private application data from the scanned site.
Who sees full reports
Only the signed-in owner can access detailed findings, remediation, evidence archives, and Markdown exports. Public scan links are redacted, noindex grade cards.
What logs are for
Operational events may record status, IDs, timing, URL/domain, account state, and delivery status for reliability and abuse prevention. Generated Markdown report bodies are not public report surfaces.
Limited-time free launch access
The scanner itself stays free at 5 public scans per day. During launch, signed-in free users can also reveal full findings and fixes and download Markdown exports. That detailed free report access is temporary; later free reports may blur fixes and exports until the user upgrades.
Reading your score
VibeLeak grades run from F to S. The canonical score starts at 100, subtracts 45 per critical, 16 per high, 8 per medium, 3 per low, and 1 per info finding, then applies caps so the severity mix and the letter grade stay honest. A scan with zero findings is the only path to 100/100.
- 98-100: Elite trust signal; 100/100 means zero findings.
- 90-97: Strong posture with only low/info hygiene gaps.
- 75-89: Good with tuneups; any high or medium finding caps below A.
- 55-74: Common gaps; repeated medium or high-plus-medium mixes land here.
- 35-54: Significant risk; one critical finding caps the score here.
- 0-34: Critical action; two critical findings or scan failure land here.
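The scoring model above carried through in code, as an added example rather than VibeLeak's own implementation. The deductions are the documented ones; the cap values (89 for any high or medium finding, 54 for one critical, 34 for two or more criticals) are read from the score ranges, and mapping a failed scan to 0 is an assumption.

```typescript
// Added example (not VibeLeak's own code): the documented score arithmetic
// plus the caps implied by the range table. Cap thresholds and the scan-failure
// value (0) are assumptions read from the docs, not confirmed internals.
type Severity = "critical" | "high" | "medium" | "low" | "info";

const DEDUCTION: Record<Severity, number> = {
  critical: 45, high: 16, medium: 8, low: 3, info: 1,
};

interface ScoreResult { score: number; label: string }

// Band labels from the docs' range table.
function bandLabel(score: number): string {
  if (score >= 98) return "Elite trust signal";
  if (score >= 90) return "Strong posture";
  if (score >= 75) return "Good with tuneups";
  if (score >= 55) return "Common gaps";
  if (score >= 35) return "Significant risk";
  return "Critical action";
}

function computeScore(findings: Severity[], scanFailed: boolean = false): ScoreResult {
  if (scanFailed) return { score: 0, label: bandLabel(0) };

  // Raw arithmetic: start at 100 and subtract per finding.
  let score = 100;
  findings.forEach(function (sev) { score -= DEDUCTION[sev]; });

  // Caps keep the letter grade honest even when raw arithmetic is generous:
  // a single medium finding (92 raw) must not read as an A-range posture.
  const criticals = findings.filter(function (s) { return s === "critical"; }).length;
  const highOrMedium = findings.some(function (s) { return s === "high" || s === "medium"; });
  let cap = 100;
  if (highOrMedium) cap = Math.min(cap, 89);
  if (criticals >= 1) cap = Math.min(cap, 54);
  if (criticals >= 2) cap = Math.min(cap, 34);

  score = Math.max(0, Math.min(score, cap));
  return { score: score, label: bandLabel(score) };
}
```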
Product roadmap
The forward-looking product roadmap lives in the dashboard after you sign in (/dashboard/roadmap). It shows what we are planning and building next — not a long history of completed work. You can heart-vote on items to help prioritize. The scanner focuses on your results and fixes; it is not a roadmap surface.
Export to Markdown and fix with AI
Signed-in users can export a full trust scan as structured Markdown: your site grade, findings with evidence, remediation in priority order, and operator instructions that tell an agent to audit the live site against the list before changing anything, preserve behavior, and plan a rescan after deploy.
The workflow
What to say to your agent
# Prompt template
Here is my VibeLeak security report for [domain].
Fix all critical and high severity findings in order.
For each fix, explain what you changed and why.
[paste report contents or file path]
Compatible agents
Gating
Markdown export requires a signed-in account and scan ownership. Signed-in free users have limited-time launch access to full findings, fixes, and exports. Later, the free tier may keep scanning free while blurring detailed fixes and export until upgrade.
VibeSignal Export
After running a VibeSignal scan, you can export your AI visibility report as a Markdown file.
How it works
- Run a scan on any URL (Full Scan or VibeSignal Only mode)
- Sign in, then click Export VibeSignal Report in the results panel
- The .md downloads, and an account email copy may be sent when email delivery is enabled
- Open the file in any editor or drop it into your AI agent
Using the report with your AI agent
The report is designed to be agent-ready. You can:
- Drop the .md file into Claude, ChatGPT, Cursor, Windsurf, or any agent with file upload
- Ask: "Implement all the fixes in this report for my website"
- The agent will implement changes to your robots.txt, llms.txt, schema markup, headers, and .well-known/ endpoints
- Each finding includes the exact remediation steps with code examples
After fixing
Come back to VibeLeak and run a new VibeSignal scan on your URL. Each category score should improve as fixes are deployed. A perfect score (100/100) means your site is fully optimized for AI discoverability across ChatGPT, Perplexity, Claude, Gemini, and Copilot.
What VibeSignal checks
| Category | What's checked | Max points |
|---|---|---|
| Discoverability | robots.txt, sitemap.xml, canonical tags, AI bot rules | 20 |
| Content Access | llms.txt, JSON-LD structured data, semantic public content | 20 |
| Bot Control | robots.txt AI grants, X-Robots-Tag, meta robots | 20 |
| Protocol Discovery | MCP discovery, agent.json, OpenAPI, security.txt or auth discovery | 20 |
| Commerce Signals | Pricing page, checkout cues, Product/Offer JSON-LD, payment headers | 20 |
Free scanner
The core scanner is free and live now at 5 scans per day. No account is required to run a scan and see your grade and preview. Full findings, fixes, and Markdown exports are available to signed-in free users for a limited launch window.
Account & sign in
No account is required to use the free scanner — scan any public URL up to 5 times per day immediately. During launch, an account unlocks full findings, fixes, Markdown export, saved history (and claiming anonymous runs), score watch, dashboard monitoring, grade-change email alerts when scheduled rescans are enabled, Trust Index opt-in, and Pro access.
Sign-in methods
Google OAuth
Fastest: One-click sign in with your Google account. No password required. Redirects back to the dashboard after auth.
Magic link
Passwordless: Enter your email and receive a sign-in link. Valid for a single use. No password to remember.
Email + password
Classic: Standard email and password sign-in. Use the same form to create a new account.
What an account gives you
Pro rollout
Pro is live in stages. Free scanning remains available at 5 scans per day, while signed-in free access to full findings, fixes, and Markdown export is a limited launch window. Pro targets higher daily limits and durable full-report access while team-oriented workflow continues shipping. Signed-in checkout returns to a clear terminal state: success lands on the dashboard, cancelled checkout returns to pricing with no plan change.
Read-only public JSON
GET /api/public/scan-summary?domain=example.com returns a small teaser (grade, counts, public page URL) — no API keys, no remediation bodies. Not a full partner API.
Trend view + deep diff
Watch entries show previous vs current letter grade. Rich per-finding diffs between two arbitrary scans remain roadmap.
Checkout return states
Paid plan checkout returns to /dashboard?checkout=success after payment and /pricing?checkout=cancelled after cancellation. Webhooks still control the actual subscription record.
Customer API keys
Not shipped. The badge URL and the public scan-summary endpoint are the supported integration points today.
Early capability access
Agency users get first access to new features and rollout waves, Pro users get the second wave, and Free users keep the stable public scanner.
Agency roadmap
Agency features are planned for teams managing trust across multiple client sites. The capabilities below are roadmap items, not fully shipped launch features.
Multi-site + bulk scanning
Queue and run scans across all your client domains from one dashboard.
Team seats + shared reports
Give clients and teammates access to shared scan results without individual logins.
Client-facing report packs
Package findings into branded, client-ready reports with your own formatting.
Priority roadmap input
Direct channel to flag what matters most for your clients' stacks.
The Trust Index
The Trust Index is a living public leaderboard of site security scores at /trust-index. It tracks who's winning the trust game, who improved the most, and what was recently scanned.
Every scan also shows a percentile rank — how your site compares against every other site scanned on VibeLeak. Sites with Grade A or S can opt in to appear in the public Hall of Fame. Signed-in users can also request Trust Index privacy for a scanned domain.
Trust Index opt-in — same network required. To opt in, your request must come from the same network/IP context as your originating scan. Shared VPNs, proxies, or IPs from large organizations may not qualify.
The viral mechanic
"Better than 71% of sites scanned this month." — that stat is shown immediately after every scan. It's the Spotify Wrapped mechanic. People share rankings, not raw scores.
Hall of Fame
Sites that earn Grade A or S can opt in to be listed publicly in the Hall of Fame. This is the credibility signal you put in READMEs, pitch decks, and press kits.
Most Improved
The Most Improved tab shows domains that were scanned more than once with the biggest grade jumps. No opt-in required — all public rescans qualify automatically.
The growth loop
The shareable moment is a verified grade lift after fixes ship. Most Improved is the proof that repeated scans moved the public surface, whether the final result is S, A, B, or a smaller but meaningful jump.
Privacy controls
If you scan a domain and do not want it listed in Trust Index views, sign in and use the privacy option on the saved scan result. The domain is hidden from Hall of Fame, Most Improved, and Recently Scanned for 48 hours while ownership proof is pending.
Grade change notifications
Every full scan result has a "Notify me if score changes" option for signed-in users. You'll get notified if the domain's grade shifts on the next configured rescan.
Trust badge
Grade A and S sites can embed a live trust badge anywhere — GitHub READMEs, landing pages, footers, pitch decks. The badge fetches the current grade fresh every hour.
Markdown embed:
