
Roast My Repo — Vibe Code Launch Readiness | First Tree
Scan GitHub repos for security vulnerabilities and code issues, then auto-fix them.
u/Still_Amphibian545 · Reddit
almost launched a side project with my api keys sitting in the repo (a week free gpt 5.6 on us) was about a day from launching a small project when i noticed my openai key was just sitting in a committed file. it had been there for weeks. no idea how i missed it. made me wonder what else was wrong that i couldn't see. turns out for vibecoded stuff it's usually the same handful of things. secrets in the repo, endpoints with no auth, a database with no access rules, no limit on the ex










