VibeShield

Structural building inspector for the web. Detects AI-generated sites and security vulnerabilities.

VibeShield is your personal security inspector for the modern web. It analyzes every page you visit in real-time to detect potential security risks, identify AI-generated codebases, and prevent accidental secret exposure. 🛡️ What does VibeShield do? 1. AI Platform Detection Instantly identify if a website was built using AI generation tools. VibeShield detects signatures from: v0.dev / Replit / Bolt.new / Lovable 2. Comprehensive Vulnerability Scan Deep-dive analysis of client-side security risks, including: Permissive CORS: Detects Access-Control-Allow-Origin: * misuse. Information Exposure: Finds leaked stack traces (Python, Node.js) and debug mode indicators (Werkzeug, Django). Insecure Storage: Scans LocalStorage/SessionStorage for secrets and checks Cookies for missing Secure/HttpOnly flags. Missing Headers: Checks for critical headers like CSP, HSTS, X-Frame-Options, and Rate Limits (APIs). 3. Exposed Secret Scanning Scans client-side code (HTML, inline scripts, comments) for accidentally exposed credentials: Google API Keys Stripe Secret Keys AWS Access Keys OpenAI API Keys Slack Tokens Firebase Keys 4. Real-time Trust Score Get an instant 0-100 security score for every website. The extension badge changes color (Green/Yellow/Red) to give you an immediate visual indicator of the site's "vibe" and security posture. 🔒 Privacy First VibeShield works entirely offline within your browser. No data is sent to any server. No tracking or analytics. All analysis happens locally on your device. Local Storage Scanning: We verify your Local Storage and Session Storage for exposed secrets. This data is processed locally in memory and is never collected, stored, or transmitted : -Scanning: Happens in memory (RAM). -Storage: The report is saved to disk temporarily so the popup can show it. -Deletion: Instantly deleted when you close the tab Perfect for*: Developers auditing their own applications. Security enthusiasts analysing web security posture. Users who want to know if a site is AI-generated or secure. *Note: This extension is for educational and auditing purposes.