Loading user profile...

Consistent_Box_3587

1thread

3replies

Threads created

AI-generated code vulnerabilities identified by custom linter

A user developed a custom linter for AI-generated code and found critical vulnerabilities in 6 out of 7 GitHub repositories. Issues included hardcoded API keys, missing Row Level Security, and empty catch blocks. The linter, available on GitHub, aims to address severity rather than quantity of bugs.

Security

CLI

Recent replies

Reply to: Pre-release audit/checklist for Next.js project

Run lighthouse for perf stuff, check your headers with [securityheaders.com](http://securityheaders.com), and make sure you're not exposing any server-side env vars to the client. If you used AI for any of the code try npx prodlint, it catches a lot of the stuff AI tends to get wrong like missing rate limiting and exposed error details.

2/26/2026, 5:37:57 PMView on Reddit

150 hours at 00-150/hr for US market so 5k-22.5k range. Without an admin panel though you're gonna get scope creep fast, the client will want to manage products themselves within a month. I'd factor that in as a follow-up project.

2/26/2026, 5:36:28 PMView on platform

Reply to: AI-generated code vulnerabilities identified by custom linter

Sshould've linked it. [https://github.com/prodlint/prodlint](https://github.com/prodlint/prodlint) MIT licensed, zero config. Just npx prodlint in any JS/TS project.

2/21/2026, 12:59:48 AMView on Reddit

Loading user profile...