Security for the code you didn't write
If you've shipped anything in the last 12 months, your codebase contains AI-generated code. Maybe 30%, maybe 80%. Probably more than you'd guess. Lovable built the landing page. Cursor wrote the API handlers. Claude Code refactored the auth flow. Replit generated the entire MVP in a weekend.
The code works. The product ships. The customers sign up. And then someone scans the repo.
24
AI-built apps tested
561
Vulnerabilities found
1
Clean build (out of 24)
From our Vibe Coded & Vulnerable study across Lovable, Replit, and Manus. Read the full study →
Why AI-generated code is its own problem
The bugs AI tools ship aren't the bugs humans ship. That sounds like a small distinction. It isn't.
Pattern-matching scanners were built for the bugs humans write
SQL injection that looks like SQL injection. Hardcoded credentials in obvious places. Use-after-free in C. These patterns are well-documented and well-detected.
AI tools ship a different category
Auth checks that pass but don't actually authorise. Permissive CORS settings copied from a tutorial. Hardcoded API keys in frontend bundles because the demo needed them. Database queries that look correct but don't filter by the authenticated user. The code looks like working code. It compiles. It passes tests. It just has a vulnerability tucked into the semantics.
Traditional SAST doesn't catch most of this. Our Vibe Coded & Vulnerable study found that platform defaults across Lovable, Replit, and Manus consistently produced critical security issues — and the existing tooling stack didn't flag them. Out of 24 builds, just one came back clean.
What Kolega catches that other scanners don't
Kolega reads the data flow across your codebase rather than matching code against patterns. That difference matters specifically for AI-generated code because the bugs are semantic, not syntactic.
BOLA (Broken Object Level Authorization)
Auth check passes, but the query doesn't filter by the authenticated user. Common in AI-generated CRUD endpoints.
Hardcoded secrets in frontend bundles
API keys and Supabase tokens with full database access, embedded in client-side code so the demo would work.
Missing rate limits on sensitive endpoints
Password reset, login, and OTP endpoints that ship without throttling because the tutorial didn't have it.
Permissive CORS configurations
Wildcard origins so the preview pane renders, shipped to production unchanged.
Broken auth flows
Auth tokens generated, but the validation logic has a gap that lets unauthenticated requests through.
Logic flaws in business rules
The code does what the prompt asked, but in a way that's exploitable.
On the RealVuln benchmark — 676 real production vulnerabilities, many of them semantic in nature — Kolega scores 92.4%. Snyk scores 16.7%. Semgrep scores 17.5%. The gap is what semantic analysis catches that pattern matching can't.
Works regardless of which AI tool built the code
Kolega doesn't care which generator produced your code. We integrate with your Git provider (GitHub, GitLab, Azure DevOps), scan whatever's in the repo, and flag the vulnerabilities — whether they were written by:
Lovable
The full-stack AI builder. Common defaults include permissive RLS, hardcoded keys, missing rate limits.
Replit Agent
Generates and ships full apps. Our research found Replit-built apps averaging 26+ vulnerabilities each.
Manus
One of the worst performers in our study, averaging ~30 vulnerabilities per build with multiple criticals per app.
Cursor
Used for editing more than greenfield, but still produces semantic bugs at scale.
Claude Code
Generally cleaner than browser-based builders, but still produces enough bugs that scanning matters.
Bolt, v0, Windsurf
Different defaults, different bug profiles, same need for review.
The pitch doesn't change between platforms. AI tools optimise for “working code in front of the user.” Security is downstream of that. Kolega catches what the platforms didn't.
What you should actually do
Three things, in order.
- 01
Scan whatever you ship
Not on a schedule. On every PR. The cost of catching a bug at the PR is roughly zero. The cost of catching it after a researcher posts a thread on X is whatever your company is worth.
- 02
Don't trust platform defaults
If your stack inherits CORS settings, database permissions, or auth scopes from a generator's template, treat them as starting points and tighten them. The default exists because it makes the demo work. Your production isn't a demo.
- 03
Treat AI-generated code the way you'd treat a junior dev's first PR
The code might be great. It also might have shipped a BOLA, a missing rate limit, and an exposed admin endpoint, and the model that wrote it has no idea which. Review the structure, not just the function.
See what's in your AI-generated repo
The best way to understand what's in your AI-built code is to scan it. Findings appear within 3 minutes.
No credit card required. 7-day Pro trial. Drops to a free tier afterwards.