Your AI-generated app is live. Users are signing up. Everything works.

Then someone finds your Stripe API key hardcoded in your client-side JavaScript. Or they inject SQL through a search box Cursor built. Or they create an admin account because Claude didn't implement role checks.

AI code tools don't think like attackers. They think like optimists.

Cursor, Claude, Bolt, v0, Replit — they're incredible at building features fast. But they skip security patterns that experienced developers know by instinct. They don't anticipate edge cases. They don't defend against malicious input.

Here are the 7 most common security holes in AI-generated code — and how to fix them before someone exploits your app.


1. Hardcoded API Keys & Secrets in Client-Side Code

What it is

AI tools often put API keys directly in your frontend JavaScript — which means anyone can view them in the browser's dev tools.

Why AI code does this

When you say "connect to Stripe," Cursor or Claude grabs your API key from your prompt or a config file and drops it into the code. It's the fastest path to "working code" — which is what the AI optimizes for.

Real example

```javascript
// ❌ AI-generated code often looks like this:
const stripe = Stripe('sk_live_abc123...'); // EXPOSED TO EVERYONE
```

Anyone can open your site, press F12, and copy your live Stripe key. With it they can issue refunds, read customer data, or rack up API costs on your account.

The fix

  • Never put secret keys in client-side code. Use environment variables and a backend API route.
  • Move Stripe calls to a server-side function (Next.js API route, Cloudflare Worker, etc.)
  • Use .env.local for secrets, never commit .env to Git
  • Rotate any keys that were exposed

Security checklist for this issue:

  • [ ] All API keys are in .env files (not .env.example)
  • [ ] .env is in .gitignore
  • [ ] Stripe/payment keys only exist in backend code
  • [ ] Frontend only sends requests to your API, never directly to third-party services with secret keys


2. Missing Input Validation = SQL Injection & XSS Attacks

What it is

Your app accepts user input (search box, contact form, profile field) and doesn't validate or sanitize it. Attackers can inject malicious code.

Why AI code does this

AI tools focus on the happy path: "user enters valid data, app processes it." They rarely add validation unless you explicitly ask for it.

Real example (SQL injection via search box)

```javascript
// ❌ AI-generated database query (user input interpolated straight into the SQL text):
const results = await db.query(`SELECT * FROM products WHERE name LIKE '%${searchTerm}%'`);
```

An attacker types '; DROP TABLE users; -- into your search box. Your entire users table is now deleted.

The fix

  • Always validate input. Use schema validation libraries like Zod or Yup.
  • Use parameterized queries (prepared statements) for databases — never string concatenation.
  • Sanitize HTML output. Use libraries like DOMPurify for user-generated content.

Security checklist for this issue:

  • [ ] All user inputs validated with a schema (Zod, Yup, Joi)
  • [ ] Database queries use parameterized statements (not string interpolation)
  • [ ] User-generated content sanitized before rendering (DOMPurify, XSS libraries)
  • [ ] Error messages don't reveal database structure or stack traces


3. Broken Authentication = Anyone Can Access Admin Routes

What it is

AI code creates admin pages, dashboards, or delete buttons without checking if the current user has permission.

Why AI code does this

When you say "add an admin dashboard," AI tools build the UI and routes. But they assume authentication is "already handled elsewhere." They don't add role checks unless you explicitly prompt for them.

Real example

```javascript
// ❌ AI-generated admin route:
app.get('/admin/delete-user/:id', async (req, res) => {
  await db.users.delete(req.params.id);
  res.send('User deleted');
});
```

No check for req.user.isAdmin. Anyone who knows the URL can delete users.

The fix

  • Add authentication middleware to every protected route.
  • Check user roles before allowing admin actions.
  • Never trust client-side role checks — always verify on the server.

Security checklist for this issue:

  • [ ] Every protected route has auth middleware (e.g., requireAuth())
  • [ ] Admin routes check user.role === 'admin' server-side
  • [ ] No client-side role checks without server-side verification
  • [ ] Sensitive actions (delete, update, payment) double-check permissions


4. CORS Misconfiguration = Your API is Open to the World

What it is

Cross-Origin Resource Sharing (CORS) controls which websites can call your API. AI code often sets Access-Control-Allow-Origin: *, which means any website can access your API.

Why AI code does this

When you get a CORS error during development, AI tools suggest the fastest fix: "allow all origins." This works locally, but it's a security hole in production.

The fix

  • Whitelist only your frontend domain in production CORS config.
  • Use credentials: true if your API relies on cookies.
  • Reject requests from unknown origins.

Security checklist for this issue:

  • [ ] CORS origin is set to your production domain (not *)
  • [ ] Credentials are only allowed for trusted origins
  • [ ] API returns 403 for requests from unauthorized origins


5. Environment Variable Leaks = Secrets in Git or Client Bundles

What it is

AI tools create .env files with secrets, but they don't always add .env to .gitignore. You commit your secrets to GitHub. Or secrets end up in your client-side JavaScript bundle.

The fix

  • Add .env to .gitignore immediately.
  • Use .env.example with placeholder values (commit this instead).
  • Audit Git history — if you already committed secrets, rotate them and use BFG Repo-Cleaner to purge the history.

Security checklist for this issue:

  • [ ] .env is in .gitignore
  • [ ] .env.example has placeholder values only
  • [ ] No secrets in Git history (check with git log -p | grep -i 'api_key')
  • [ ] Use Vercel/Netlify environment variables instead of committing .env
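A check covering the checklists of sections 1 and 5, as an added example (not the article's code): it scans a set of files about to be committed for Stripe secret keys, flags any that sit in client-side paths, and verifies the .gitignore rules. The file contents are constructed samples and the key value is fake.

```javascript
// Added example serving sections 1 and 5, not the article's code: a check to run
// in CI or a pre-commit hook over the files about to be committed. File
// contents below are constructed samples and the key value is fake.

// Stripe secret keys (sk_live_ / sk_test_). Publishable pk_ keys may sit in the browser.
const STRIPE_SECRET_RE = /\bsk_(live|test)_[A-Za-z0-9]{8,}/g;
// Paths whose contents ship to the browser; a hit there is a hard failure,
// a hit anywhere else still means a secret is about to enter Git.
const CLIENT_PATH_RE = /^(public|src\/components|dist|build|\.next\/static)\//;

// files: { path: content }. Returns one finding per key-looking match.
function findSecrets(files) {
  const findings = [];
  for (const [path, content] of Object.entries(files)) {
    for (const m of content.matchAll(STRIPE_SECRET_RE)) {
      const line = content.slice(0, m.index).split('\n').length;
      findings.push({ path, line, clientSide: CLIENT_PATH_RE.test(path) });
    }
  }
  return findings;
}

// Checks a .gitignore for what the checklist asks: .env and .env.local
// ignored, .env.example (placeholders only) still committed. Handles plain
// names, a trailing "*" glob and "!" negation; not a full gitignore matcher.
function gitignoreCoversEnv(text) {
  const rules = text.split('\n').map((l) => l.trim()).filter((l) => l && !l.startsWith('#'));
  const ignored = (name) => {
    let result = false;
    for (const rule of rules) {                 // last matching rule wins, as in git
      const negate = rule.startsWith('!');
      const pat = negate ? rule.slice(1) : rule;
      const hit = pat.endsWith('*') ? name.startsWith(pat.slice(0, -1)) : pat === name;
      if (hit) result = !negate;
    }
    return result;
  };
  return {
    envIgnored: ignored('.env'),
    envLocalIgnored: ignored('.env.local'),
    exampleCommitted: !ignored('.env.example'),
  };
}

// Constructed sample tree: the client bundle holds a fake live key.
const sampleFiles = {
  'public/app.js': "const stripe = Stripe('sk_live_FAKE0000000000000');\n",
  'api/charge.js': 'const key = process.env.STRIPE_SECRET_KEY; // server-side only\n',
};
```

Run `findSecrets` over your staged files and fail the commit on any finding; a hit with `clientSide: true` also means the key must be rotated, since it has shipped to browsers.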


6. Vulnerable Dependencies = Exploitable NPM Packages

What it is

AI code installs npm packages to add features. Many of these packages have known security vulnerabilities.

Why AI code does this

AI tools grab the most popular packages from npm without checking for vulnerabilities. They optimize for "fastest path to working code," not "most secure code."

The fix

  • Run npm audit after every AI-generated install.
  • Update dependencies regularly — use npm update or Dependabot.
  • Use Snyk or Socket.dev to scan for vulnerabilities before deploying.

Security checklist for this issue:

  • [ ] Run npm audit and fix all high/critical vulnerabilities
  • [ ] No dependencies with known CVEs in production
  • [ ] Set up Dependabot or Snyk for automated vulnerability alerts


7. No Rate Limiting = Your API Gets DDoS'd or Spammed

What it is

Your API has no rate limiting. Attackers (or a single angry user) can send 10,000 requests per second, crashing your server or racking up massive cloud bills.

Why AI code does this

Rate limiting is infrastructure code. AI tools focus on feature code. They don't add rate limiting unless you explicitly ask.

The fix

  • Add rate limiting middleware (express-rate-limit, upstash-ratelimit).
  • Limit by IP address (careful with shared IPs behind proxies).
  • Use CAPTCHA for public forms (hCaptcha, Cloudflare Turnstile).

Security checklist for this issue:

  • [ ] Rate limiting middleware on all public API routes
  • [ ] Login/signup routes limited to 5 requests per minute per IP
  • [ ] Contact form has CAPTCHA or Cloudflare Turnstile
  • [ ] Cloudflare or WAF configured for DDoS protection


What to Do Next

If your app has any of these 7 issues, you're at risk. Here's how to fix it:

  1. Audit your code — Go through the checklists above.
  2. Run automated scans using npm audit, Snyk, or Socket.dev for deeper analysis.
  3. Get a professional security audit — AI code has predictable patterns. A security expert can find holes you didn't know existed.

We offer a free AI Code Security Audit for Cursor/Claude/Bolt apps.

  • We scan for all 7 risks above
  • 48-hour turnaround
  • Actionable fix checklist
  • $0 upfront — pay only if you want us to fix the issues
