AI SECURITY | 2026-04-02 | 6 min read | By Raz Azulay

7 Security Mistakes AI Code Generators Make (and How to Fix Them)

Your AI writes fast, but it also writes vulnerable. These are the 7 most common AI-generated code security flaws we see in production.

Why AI-Generated Code Has Security Blind Spots

A 2023 Stanford study found that developers using AI assistants produced code that was significantly more likely to contain security vulnerabilities than code written without AI help. The numbers are hard to ignore.

2.74x more likely to contain security flaws

The reason is simple. AI models are trained on millions of public repositories, and most open source code was never written with production security in mind. Stack Overflow answers, tutorial repos, hobby projects. The AI learns to produce code that works, not code that is safe. When you use tools like Cursor, Lovable, Bolt, v0, or ChatGPT to generate full features, you inherit every shortcut the training data contained.

Vibe coding security risks are real. You ship faster, but you also ship vulnerabilities faster. Here are the seven most common ones we see in AI-generated projects, and how to fix each one.

1. Hardcoded API Keys in Frontend Code

This is the single most common vibe coding security risk. You ask an AI to "add Stripe payments" or "connect to the OpenAI API," and it drops the secret key right into a client-side file. The key ships to every browser that loads your page.

REAL EXAMPLE

AI-generated Next.js code with const stripe = new Stripe('sk_live_abc123') directly in a React component. The secret key was visible in the browser's page source within seconds of deployment.

The fix: Move all secret keys to environment variables. Use .env.local for local development and your hosting platform's environment settings for production. Never prefix secrets with NEXT_PUBLIC_ unless they are truly meant to be public.
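
One way to check the NEXT_PUBLIC_ rule before deploying, as an added example that is not part of the original article: it parses an env file and flags public variables whose value or name looks like a secret. The helper names, the name-hint list and the sample file are assumptions constructed for illustration.

```javascript
// Value prefixes that mark server-side secrets. sk_live_ and sk_test_ are
// Stripe secret-key prefixes; extend the list for the providers you use.
const SECRET_VALUE_PREFIXES = ['sk_live_', 'sk_test_'];
// Assumed naming hints; tune them to your own variable names.
const SECRET_NAME_HINT = /(SECRET|PRIVATE|SERVICE_ROLE|PASSWORD)/;

// Minimal KEY=VALUE parser: skips blanks and comments, strips one pair of quotes.
function parseEnv(text) {
  const vars = [];
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq === -1) continue;
    const name = line.slice(0, eq).trim();
    const value = line.slice(eq + 1).trim().replace(/^["']|["']$/g, '');
    vars.push({ name, value });
  }
  return vars;
}

// Only NEXT_PUBLIC_ variables are inlined into the browser bundle, so only
// those are inspected; server-only variables are left alone.
function findExposedSecrets(envText) {
  const findings = [];
  for (const { name, value } of parseEnv(envText)) {
    if (!name.startsWith('NEXT_PUBLIC_')) continue;
    if (SECRET_VALUE_PREFIXES.some((prefix) => value.startsWith(prefix))) {
      findings.push({ name, reason: 'value looks like a secret key' });
    } else if (SECRET_NAME_HINT.test(name)) {
      findings.push({ name, reason: 'name suggests a secret' });
    }
  }
  return findings;
}

// Constructed sample file; the key value is the placeholder used in the article.
const SAMPLE_ENV = `
# constructed sample
NEXT_PUBLIC_SITE_URL=https://yourdomain.com
NEXT_PUBLIC_STRIPE_KEY="sk_live_abc123"
NEXT_PUBLIC_SUPABASE_SERVICE_ROLE_KEY=placeholder-value
STRIPE_SECRET_KEY=sk_live_abc123
`;
```

Running findExposedSecrets over the env file in CI and failing the build on any finding stops the mistake before the bundle is published.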

2. Missing Authentication on API Routes

AI tools generate API endpoints that work perfectly in development but have zero authentication checks. Anyone who discovers the URL can read, write, or delete data.

// BAD: No auth check
export async function GET() {
  const users = await db.query('SELECT * FROM users')
  return Response.json(users)
}

// GOOD: Verify session before returning data
export async function GET() {
  const session = await getServerSession()
  if (!session) return new Response('Unauthorized', { status: 401 })
  const users = await db.query('SELECT * FROM users')
  return Response.json(users)
}

The fix: Every API route needs an authentication check at the top. No exceptions. If you use Supabase, enforce Row Level Security on every table.

3. No Content-Security-Policy Headers

AI code generators almost never add security headers. Content-Security-Policy (CSP) tells the browser which scripts, styles, and resources are allowed to load. Without it, your site is wide open to cross-site scripting (XSS) attacks. An attacker can inject a malicious script, and the browser will happily execute it.

The fix: Add a CSP header in your middleware or server config. Start with a restrictive policy and loosen it only where needed. At minimum, set default-src 'self' and explicitly whitelist external resources.
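
A sketch of "start restrictive, loosen only where needed", added here as an example and not taken from the original article: the policy is data, each loosening is an explicit call, and an audit step flags script sources that would cancel the protection. The directive set, the helper names and cdn.example.com are assumptions.

```javascript
// Constructed starting policy: same-origin only, no inline script or style.
const BASE_POLICY = {
  'default-src': ["'self'"],
  'script-src': ["'self'"],
  'style-src': ["'self'"],
  'img-src': ["'self'", 'data:'],
  'object-src': ["'none'"],
  'base-uri': ["'self'"],
  'frame-ancestors': ["'none'"],
};

// Loosen one directive without mutating the base policy. 'none' cannot be
// combined with other sources, so it is dropped when something is allowed.
function allow(policy, directive, ...sources) {
  const current = (policy[directive] || []).filter((s) => s !== "'none'");
  return { ...policy, [directive]: [...new Set([...current, ...sources])] };
}

// Header value format: "directive source source; directive source".
function serializeCsp(policy) {
  return Object.entries(policy)
    .map(([directive, sources]) => `${directive} ${sources.join(' ')}`)
    .join('; ');
}

// Sources that cancel most of the protection when scripts may load from them.
const TOO_BROAD = ['*', "'unsafe-inline'", "'unsafe-eval'", 'http:', 'https:', 'data:'];

function auditCsp(policy) {
  const warnings = [];
  if (!policy['default-src']) warnings.push('default-src is missing');
  const scriptSources = policy['script-src'] || policy['default-src'] || [];
  for (const source of scriptSources) {
    if (TOO_BROAD.includes(source)) warnings.push(`script source ${source} is too broad`);
  }
  return warnings;
}

// Attach the header to any Response (middleware or route handler).
function withCsp(response, policy) {
  response.headers.set('Content-Security-Policy', serializeCsp(policy));
  return response;
}

// cdn.example.com is a placeholder for an external script host you rely on.
const SITE_POLICY = allow(BASE_POLICY, 'script-src', 'https://cdn.example.com');
```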

4. Exposed Database Credentials

AI assistants frequently generate database connection strings with credentials inline. Even worse, some scaffold config files with real values, and those files end up committed to public GitHub repos.

REAL EXAMPLE

A Bolt-generated project pushed to GitHub included a .env file with the full Supabase service role key. Bots that scrape GitHub for credentials found it within 4 hours.

The fix: Add .env* to your .gitignore before your first commit. Use your platform's secret management instead of files. Rotate any credential that has ever been committed to a repository.

5. Missing Rate Limiting

AI-generated APIs almost never include rate limiting. This leaves your endpoints open to brute force attacks, credential stuffing, and abuse that can run up your cloud bill overnight. An attacker can hit your login endpoint thousands of times per second, or call your AI-powered route until your OpenAI bill hits four figures.

The fix: Add rate limiting to every public-facing endpoint. Use Upstash Redis, Cloudflare Rate Limiting, or even a simple in-memory store for low-traffic apps. Critical endpoints like login and payment should have strict limits (5-10 requests per minute per IP).
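
The "simple in-memory store" option, written out as an added example (not code from the original article): a sliding-window limiter keyed by client IP that answers 429 with a Retry-After header once the limit is hit. The function names are assumptions, and how you obtain the client IP depends on your hosting platform; the state lives in one process, so it does not hold across multiple instances or restarts.

```javascript
// Sliding-window limiter kept in process memory.
function createRateLimiter({ limit, windowMs }) {
  const hits = new Map(); // key (e.g. client IP) -> timestamps of recent requests

  function check(key, now = Date.now()) {
    const cutoff = now - windowMs;
    const recent = (hits.get(key) || []).filter((t) => t > cutoff);
    if (recent.length >= limit) {
      hits.set(key, recent);
      // The oldest hit leaves the window at recent[0] + windowMs.
      const retryAfterSec = Math.ceil((recent[0] + windowMs - now) / 1000);
      return { allowed: false, remaining: 0, retryAfterSec };
    }
    recent.push(now);
    hits.set(key, recent);
    return { allowed: true, remaining: limit - recent.length, retryAfterSec: 0 };
  }

  // Drop keys with no hits inside the window so the Map cannot grow without bound.
  function prune(now = Date.now()) {
    for (const [key, times] of hits) {
      if (times.every((t) => t <= now - windowMs)) hits.delete(key);
    }
    return hits.size;
  }

  return { check, prune };
}

// Login: 5 requests per minute per IP (the strict end of the range above).
const loginLimiter = createRateLimiter({ limit: 5, windowMs: 60_000 });

// Returns null when the request may proceed, or the 429 Response to send back.
// Call it at the top of the route handler, before any password check.
function guardLogin(clientIp, now = Date.now()) {
  const result = loginLimiter.check(clientIp, now);
  if (result.allowed) return null;
  return new Response('Too Many Requests', {
    status: 429,
    headers: { 'Retry-After': String(result.retryAfterSec) },
  });
}
```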

6. Insecure CORS Configuration

When AI encounters a CORS error during development, its go-to fix is Access-Control-Allow-Origin: *. This tells the browser that any website in the world can make requests to your API. Combined with missing auth, this means any malicious site can steal your users' data.

// BAD: Allows requests from any origin
headers.set('Access-Control-Allow-Origin', '*')

// GOOD: Restrict to your own domain
headers.set('Access-Control-Allow-Origin', 'https://yourdomain.com')

The fix: Set CORS to allow only your own domain. If you need to support multiple origins, validate the request's Origin header against an explicit allowlist. Never use the wildcard in production.
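
The allowlist check for multiple origins, as an added example that is not from the original article. It goes slightly beyond the text by also setting Vary: Origin and answering preflight requests; the origin list, allowed methods and function names are assumptions.

```javascript
// Constructed allowlist; replace with the origins your frontend is served from.
const ALLOWED_ORIGINS = new Set([
  'https://yourdomain.com',
  'https://app.yourdomain.com',
]);

// Returns the CORS response headers for a request's Origin header value.
// Use it on normal responses as well as preflights.
function corsHeadersFor(origin) {
  const headers = new Headers();
  // The response differs per origin, so caches must key on it.
  headers.set('Vary', 'Origin');
  // Exact string match only. Prefix, suffix or regex matching is how
  // lookalike origins end up accepted.
  if (typeof origin === 'string' && ALLOWED_ORIGINS.has(origin)) {
    headers.set('Access-Control-Allow-Origin', origin);
  }
  return headers;
}

// Answers an OPTIONS preflight: 204 with the allowed methods for known
// origins, 403 with no CORS headers for everything else.
function handlePreflight(request) {
  const headers = corsHeadersFor(request.headers.get('origin'));
  if (!headers.has('Access-Control-Allow-Origin')) {
    return new Response(null, { status: 403, headers });
  }
  headers.set('Access-Control-Allow-Methods', 'GET, POST');
  headers.set('Access-Control-Allow-Headers', 'Content-Type, Authorization');
  headers.set('Access-Control-Max-Age', '600');
  return new Response(null, { status: 204, headers });
}
```

CORS only controls what browsers let other sites read; the authentication check from section 2 is still required on every route.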

7. No Input Validation

AI-generated code trusts user input by default. Form data, query parameters, and request bodies are passed straight to database queries or rendered into HTML without sanitization. This opens the door to SQL injection, XSS, and other injection attacks.

// BAD: Raw user input in query
const { searchTerm } = await request.json()
const results = await db.query(`SELECT * FROM products WHERE name = '${searchTerm}'`)

// GOOD: Parameterized query + schema validation
const { searchTerm } = schema.parse(await request.json())
const results = await db.query('SELECT * FROM products WHERE name = $1', [searchTerm])

The fix: Validate every input with a schema library like Zod before it touches your backend. Use parameterized queries or an ORM like Prisma. Never concatenate user input into SQL strings or HTML output.

How to Catch All 7 in One Scan

You could audit each of these manually. Or you could paste your URL into UNPWNED and get results in 60 seconds.

UNPWNED scans your live domain for all seven of these issues and hundreds more. It checks your security headers, exposed secrets, API authentication, CORS policies, rate limiting behavior, and input handling. You get a security grade and a prioritized list of findings, and Pro reports include AI-generated fix guidance for detected findings.

Built specifically for vibe coders and indie hackers who ship fast with AI tools and need to know what their code generator left exposed. No security expertise required. No source code access needed.
