Consequence-first scan of your AI-built project: 25 checks that catch the scariest things AI coding tools ship wrong — broken access control (IDOR), unenforced validation, missing security headers, no account deletion, no payment-amount validation. Enough signal to know which Pro audits to run next.
25
Total Checks
3
Delivery Formats
8
Categories
6
Versions
Your data could leak. Your project could be taken over.
You could be fined or sued.
One bad user could bankrupt you overnight.
Included
Never included
PATCH — curl response-handling prose now surfaces the `results_url` field the submit API returns to anonymous submitters (v4.8.0 site feature): the AI tells the user their public scorecard link, no login needed. Prose-only; no check changes. Scores comparable to v3.1.1.
Picked by pack overlap with this audit.
Pre-launch deployment checklist covering CI/CD pipeline health, monitoring setup, rollback strategy, and production configuration.
Deep inspection of environment variable handling, secrets storage patterns, and runtime configuration security.
Requirements-to-implementation comparison revealing feature gaps, scope creep, and mismatches between original specifications and what was built.
Mobile responsiveness assessment across phones, tablets, and screen sizes, covering viewport configuration, responsive layouts, touch-friendly sizing, and mobile UX patterns.
Core web performance assessment targeting load time and user experience, covering image optimization, bundle sizing, code splitting, caching, and rendering strategies.