Bob Starr was thrilled with his new vibe-coded website, “Boomberg,” which exposed a critical SQL injection flaw. Security vulnerabilities abound in personal apps built using AI, as evidenced by stories from Jer Crane and Joe Procopio.
David Pierce of The Verge heralds the era of ‘personal software’ but warns that security is paramount, especially when apps handle sensitive data. Gabriel Bernadett-Shapiro of SentinelOne asserts that the risks increase significantly when personal apps transition into business use.
Jack Cable from Corridor advises caution: while vibe coding excels for low-risk prototypes and fitness trackers, financial records demand more rigorous scrutiny. Max Segall’s EzRun app illustrates the risk: a flaw could have been used to exploit user accounts before launch. Meanwhile, researchers found 5,000 publicly accessible apps that had no authentication or leaked data.
Although pre-AI software was often insecure too, the exponential rise in apps means an equally exponential increase in security risks. Overconfidence is a hazard when AI tools suggest code is secure. Regularly prompting for security checks is crucial, whether you are building or deploying data-sensitive applications.







