built a thing that scans your vibe-coded site and hands you a PDF your AI can use to fix it. want free testers

we all vibe code now. describe the thing, AI builds it, it works, you ship. cool.

the catch: the AI only cares that it runs, not that it's safe. so these sites end up with random stuff exposed admin pages, api keys, endpoints, config that you have no idea is out there.

that's Xseth. you point it at your site, it pokes at it like an attacker would, and hands you a PDF with everything it found + how to fix each one. and here's the fun part: you just drop that PDF into whatever AI you built the site with (cursor, lovable, bolt, whatever) and let it patch the stuff for you. no security background needed.

free right now we're in beta and just want people using it and telling us what sucks.

got a side project live somewhere? come scan it

reddit.com
u/Slow-Attorney406 — 3 days ago

built a thing that scans your vibe-coded site and hands you a PDF your AI can use to fix it. want free testers

we all vibe code now. describe the thing, AI builds it, it works, you ship. cool.

the catch: the AI only cares that it runs, not that it's safe. so these sites end up with random stuff exposed admin pages, api keys, endpoints, config that you have no idea is out there.

that's Xseth. you point it at your site, it pokes at it like an attacker would, and hands you a PDF with everything it found + how to fix each one. and here's the fun part: you just drop that PDF into whatever AI you built the site with (cursor, lovable, bolt, whatever) and let it patch the stuff for you. no security background needed.

free right now we're in beta and just want people using it and telling us what sucks.

got a side project live somewhere? come scan it

reddit.com
u/Slow-Attorney406 — 3 days ago

built a thing that scans your vibe-coded site and hands you a PDF your AI can use to fix it. want free testers

we all vibe code now. describe the thing, AI builds it, it works, you ship. cool.

the catch: the AI only cares that it runs, not that it's safe. so these sites end up with random stuff exposed admin pages, api keys, endpoints, config that you have no idea is out there.

that's Xseth. you point it at your site, it pokes at it like an attacker would, and hands you a PDF with everything it found + how to fix each one. and here's the fun part: you just drop that PDF into whatever AI you built the site with (cursor, lovable, bolt, whatever) and let it patch the stuff for you. no security background needed.

free right now we're in beta and just want people using it and telling us what sucks.

got a side project live somewhere? come scan it 👉https://xseth.com/get-access

u/Slow-Attorney406 — 3 days ago

Vibe-coded (or any) website? Looking for beta testers for our security scanner, you get a plain-English report back

Hey everyone 👋 We're a small team building Xseth, a tool that scans websites for security weaknesses, and we're looking for a few people to test it on real sites and tell us honestly what they think.

The problem we're chasing: the moment a site goes live, automated bots start poking at it within minutes, looking for a way in. It's not personal, it's just constant background noise on the web hitting every site, all day. But if something's left open, the fallout is real: leaked customer data, someone taking over the admin account, the site getting defaced or quietly used to attack its own visitors. The best time to catch this is before you launch, not after.

This hits hardest on sites built fast, especially vibe-coded ones thrown together with AI tools, where the security basics quietly get skipped (keys left in plain view, logins that don't really lock anything down, databases anyone can reach). Not because the builder did anything wrong. It's just that nobody on the project was ever looking at it from an attacker's angle.

What testing looks like: you point us at a website you own, we run our scan, and you get back a clear, no-jargon PDF: here's the problem, here's why it matters, here's exactly how to fix it. Then you tell us the truth: did it make sense? Did it find anything real? What was confusing or missing? That feedback is the entire reason we're doing this.

Worth being straight: this isn't a full penetration test. It's a fast first-pass check of the things that most commonly go wrong, but that first pass tends to catch the stuff that actually burns people.

One ask: only point us at a website you own or have permission to test

If you want to be one of our testers, drop a comment or DM. We're early, and we read every single reply..

reddit.com
u/Slow-Attorney406 — 6 days ago

Vibe-coded your website? We'll run a free security scan before you launch. All sites welcome, just want honest feedback

Hey everyone 👋 We're a small team building Xseth, and we're looking for a handful of beta users. Here's the deal, straight up: we scan any website (vibe-coded, AI-built, or hand-coded) for security weaknesses, send you a plain-English report, and in return we just want your honest feedback. No payment, no catch.

Here's the thing most people don't realize: the moment your website goes live, it's out on the public internet, and automated bots start poking at it within minutes, looking for a way in. It's not personal. Nobody's targeting you specifically. It's just constant background noise hitting every site on the web, all day, every day. Your site is just another door for them to rattle.

If something's left open, the fallout is real:

  • Customer data (emails, messages, payment info) leaking out
  • Someone logging in as an admin and taking over your site
  • Your site getting defaced, or quietly used to attack your own visitors
  • The cleanup afterward: lost trust, lost customers, and in some places, real privacy fines

This hits hardest for sites built fast, especially "vibe-coded" ones thrown together with AI tools. They ship quick, which is honestly great. But the security basics tend to get skipped: secret keys left sitting in plain view, logins that don't actually lock anything down, databases anyone can reach. Not because the builder did anything wrong. It's just that nobody on the project was ever looking at it from an attacker's angle.

That's where we come in. What you get:

  • We check your site the way an attacker would on their first pass, surfacing the obvious weak spots before someone else finds them
  • A clear, no-jargon PDF report: here's the problem, here's why it matters, here's exactly how to fix it
  • Written so you can actually understand and act on it, technical or not

To be straight with you: this isn't a full-blown penetration test. It's a fast, honest first-pass check of the things that most often go wrong. But for most sites, that first pass catches the stuff that actually gets people burned.

All we ask in return: tell us what you think. Was the report clear? Useful? Did it find something real? What was confusing or missing? That feedback is the entire reason we're doing this. It's how we make Xseth genuinely useful.

One small thing: only submit a website you own or have permission to test

Drop a comment or DM and we'll get you set up. We're early, and we read every single reply.

reddit.com
u/Slow-Attorney406 — 6 days ago