live audits · last shipped this week

I make AI-generated apps
survive real users. Before an attacker does.

I take vibe-coded MVPs — Lovable, Cursor, Bolt, Replit, Claude — and close the gap between "demos well" and "safe in production." The catch: the AI that wrote the bug can't be trusted to find it. In one real app, the commit literally titled "Protect PII" was the breach.

Fully async. No calls, no timezones. You share the repo, I return a written audit and production-ready code — every finding and every change explained in writing.

authorization graph · resolved from the database up. The red node is the breach.
the gap

It demoed perfectly. Then it met users.

You shipped an MVP and got traction — first users, maybe an investor. Now it crashes under load, you're afraid to touch the code, there are no tests, the secrets are probably in the repo, and a senior hire is a six-week commitment you can't make this month.

You don't need a rewrite. You need someone senior to make what you already have safe to run in front of real people. That's the only thing I do.

proof · five live audits

What a senior review actually finds.

Five AI-built apps, five stacks. Seven critical flaws. Four of five were one query from a breach. One was genuinely solid — and I said so.

Meet-in-person sports app
React · Supabase · Lovable
The public key let anyone read every user's name, DOB, phone and exact home GPS. A commit titled "Protect PII" was the bug — two policies OR'd back to true.
P0 ×1 · P1 ×3
College scheduling SaaS
Vite · React · Supabase
Any signed-in user could promote themselves to admin — the role sat in a user-writable table and the update policy never pinned it.
P0 ×1 · P1 ×1
Healthcare recommendations
React · Express · Supabase
Two holes: patients could self-escalate to admin, and a default-public policy exposed every patient's raw PII to anyone with the public key.
P0 ×2 · P1 ×1
Multi-tenant CRM
.NET Blazor · Supabase
The customer table was readable, writable and deletable across every tenant with the browser key — and a view leaked all password hashes pre-login.
P0 ×2 · P1 ×2
AI developer-tool platform
Python · FastAPI · Supabase
No critical flaws. A genuinely strong, money-aware server-side design — credited honestly. The one risk: payment integrity rode on a single default-off flag.
P0 ×0 · P1 ×2

Targets anonymized by stack and domain. Full named reports with file:line remediation go privately to each owner, under responsible disclosure. The point isn't that AI code is bad — it's that telling a real flaw from a false alarm is senior judgment, not a scan.
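The two Supabase/Postgres patterns behind the sports-app and scheduling-SaaS findings above (permissive policies OR'd back to true, and a role column nobody pinned), shown vulnerable and then hardened. This is an added example, not code from any of the audited apps; the table and column names are assumed, and auth.uid() / auth.role() are Supabase's own helpers.

```sql
-- Added example, not code from any of the audited apps. Table and column names
-- (profiles, role, ...) are assumed; auth.uid() / auth.role() are Supabase helpers.

create table profiles (
  id        uuid primary key references auth.users(id),
  full_name text, dob date, phone text, home_lat float8, home_lng float8,
  role      text not null default 'user'
);
alter table profiles enable row level security;

-- (1) "Protect PII" that protects nothing. Postgres OR's permissive policies,
--     so adding an owner-only policy next to a leftover public one narrows nothing:
--     effective select predicate = true OR auth.uid() = id  =>  true.
create policy "public read" on profiles for select using (true);             -- leftover
create policy "protect pii" on profiles for select using (auth.uid() = id);  -- intended fix

-- Check: list every permissive select policy on the table; any 'true' qual wins.
select policyname, permissive, cmd, qual
  from pg_policies where tablename = 'profiles';

-- Hardened: the leftover must go; the one remaining policy is owner-scoped.
drop policy "public read" on profiles;

-- (2) Role stored in a user-writable table. An update policy that only checks
--     row ownership lets the owner rewrite every column, including role.
create policy "own row update" on profiles for update
  using (auth.uid() = id) with check (auth.uid() = id);   -- role not pinned

-- Hardened, step one: pin the column with grants. Column privileges are additive,
-- so revoke the table-level UPDATE first, then grant only the self-service columns.
revoke update on profiles from authenticated, anon;
grant  update (full_name, dob, phone, home_lat, home_lng) on profiles to authenticated;

-- Hardened, step two: reject a role change from anything but the service key,
-- so a later blanket "grant update on profiles" cannot silently reopen the hole.
create or replace function deny_role_change() returns trigger
language plpgsql as $$
begin
  if new.role is distinct from old.role and auth.role() is distinct from 'service_role' then
    raise exception 'role is not user-writable';
  end if;
  return new;
end $$;
create trigger profiles_pin_role before update on profiles
  for each row execute function deny_role_change();
```

The pg_policies query is the check to run first: a single permissive policy whose qual is `true` makes every other policy on that command irrelevant.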

why me

Judgment, not a scanner.

01

Senior judgment — shown, not claimed

Not a junior patching symptoms, and not a scanner dumping 200 findings. I find the one structural weakness, then the line of code that proves it. The five audits above are the résumé.

02

Multi-agent systems by background

I use AI agents to move fast across a whole codebase. Every architectural call is still human judgment — that's the part that can't be prompted.

03

Security resolved from the boundary up

I rebuild your real authorization model from the database, not the surface. That's how the five flaws above were found — and how false alarms were dismissed.

04

Written-first, always

Every finding and change is explained in prose you can forward to your team or investor. You keep the knowledge, not just a diff.

how it works · fully async

Written-first. No calls.

01

You share

The repo (read-only is fine) and three short answers about what's breaking.

02

Free teardown

I run the audit and send a written P0 / P1 / P2 list, cited at file:line — free, yours to keep.

03

I fix

If you go further: hardening, critical refactors, test coverage, CI/CD, handoff docs.

04

You ship

Confident it holds, with a written record of exactly what changed and why.

Async is the feature: you read deliverables when it suits you, keep a permanent paper trail, and nothing waits on a slot that works across two timezones.

Your code

Read-only access. NDA before access if you want one. Never stored beyond the engagement, never shared, never used to train anything.

Your risk

The teardown is free — you see real findings before paying. If a paid pass surfaces nothing actionable, you don't pay for it.

Proof first

Want to see the depth before you send anything? Ask for a redacted sample report — a real audit, one of the five above, with the actual findings.

how to start

See the holes first. Pay only to close them.

start here · free
00 · Teardown
Free
send a repo + 3 answers
  • I run the audit on your repo and send a written P0 / P1 / P2 list
  • Every finding cited at file:line
  • No call, no commitment — you keep the list either way
See exactly where you stand before you spend a cent.
01 · Fix-list
$149
48 hours
  • Exact patches + verification steps for your top 3 P0s
  • The "how to actually close it," not just "here's a hole"
  • Credited toward a Sprint if you go further
The fastest way from "I have a breach risk" to "it's handled."
02 · Hardening Sprint
$2.5k base
1–2 weeks · scales with scope
  • Fix everything: security hardening, critical-path refactors, tests
  • Working CI/CD + documentation
  • Deployed, tested code + a handoff document
From "works on my machine" to a system you can put in front of an investor.
03 · Retainer
$1.25k/mo
where Sprint clients continue
  • Code review on every new feature before it ships
  • Monitoring + incremental hardening
  • Written answers, same week
Senior engineering on call — asynchronously — so it stays solid as you grow.
start · free teardown

Send a repo and three answers. Get the findings free.

01

What's breaking right now?

02

What happens to the business if it isn't fixed in two weeks?

03

A link to the repo (read-only is fine), or a description of the stack.