Your app works. But what's actually in there?
The audit prompt from the article. Paste it into Claude Code, Cursor, or Codex. Find out what you don't know is in there.
Sample findings report (audit-findings.md, read-only):

## 1) Executive summary

Not safe for autonomous AI coding. Highest risk: two competing auth paths with no canonical authority declared. An AI agent will pick one confidently and be wrong. Problem type: documentation drift + unclear authority.

## 8) Security exposure findings

| Severity | File | Finding |
|---|---|---|
| HIGH | api/webhooks/stripe.ts | Signature verification missing. Any POST executes without validation. Exploitability: High. |
| MED | lib/supabase/admin.ts | Service-role key imported in three non-admin paths. Blast radius if misused: Critical. |

## 17) AI Change Governance Need Score

| Area | Score | Assessment |
|---|---|---|
| Canonical path clarity | 3/5 | meaningful drift |
| Auth/security boundary clarity | 4/5 | high risk |
| Test/verification credibility | 3/5 | meaningful drift |
| AI-worker safety | 4/5 | high risk |

Overall: High
What it uncovers
- Which parts of your repo are unclear, duplicated, stale, or risky
- Where an AI agent is most likely to extend the wrong path
- Whether auth, ownership, and data boundaries are obvious enough to trust
- Whether your tests and CI actually prove safety
- Whether your repo needs stronger governance before more AI coding
What you receive
AI Architecture & Security Drift Audit
Open your repo in a repo-aware AI coding tool, paste the full prompt, and get a structured findings report — including an AI Change Governance Need score.
- No code changes
- No installs
- No migrations
- No fixes
- Read-only findings report
This is not a security guarantee or a full code review. It is a static, read-only diagnostic designed to reveal whether your repo has enough architecture clarity, security boundaries, and workflow discipline for safe AI-assisted development.