Kelp
§ 00Security review · vibe-coded apps

AI wrote your app.
Kelp finds the doors it left open.

The security agent for vibe-coded apps. We probe your backend the way an attacker would — with real user context, no theatre — and hand you the fix, ready to paste back into whatever AI tool built it.

No signupPublic repos only
scan/roamly-app
5 specialists · streaming
13:04:12[postgrest]probing rls on public schema…
13:04:12[edge-fn]listing functions… found 6
13:04:13[auth]reading supabase config.toml
13:04:13[secrets]walking src/… 214 files
13:04:14[postgrest]profiles.email — READ open to anon
13:04:14[edge-fn]get-order verify_jwt=false
13:04:15[secrets]VITE_SERVICE_ROLE at src/lib/db.ts:14
13:04:15[auth]reset flow missing rate-limit
13:04:16[postgrest]invoices.* no policy, table exposed
13:04:16[reviewer]merging 5 leads → confirmed 4, dropped 1 unreproducible
13:04:18[reviewer]report ready · 4 findings · 2 auto-fixable · 00:06.2

An excerpt from an actual dispatch. Nothing invented, nothing dramatised.

0%
of AI-generated apps ship a security flaw
0
classes covered end-to-end, with real evidence
< 0 min
median time to first actionable fix
§ 01Coverage

Three classes. Real evidence. No wall of warnings.

We cover the vulnerabilities that actually breach AI-generated apps, and we ship a fix for each. Everything else is honestly out of scope.

RLS-001
Class 01

Row-Level Security, checked policy-by-policy.

Kelp reads your Supabase schema and finds the tables and columns anyone can read or write. Fixes ship as an owner-scoped policy you can review before running.

SEC-002
Class 02

Secrets exfiltrated by the frontend.

Service-role keys, Stripe secrets, and OpenAI tokens committed to the client bundle. Kelp opens a pull request that moves them to env vars and flags rotation.

BOLA-003
Class 03

Broken object authorization, actively probed.

With your consent, one authenticated user tries to reach another's data by ID. It's the exact failure behind the loudest public breaches of AI-generated apps.

§ 02How it works

Connect, scan, fix. In that order.

Step 01

Connect

Sign in with GitHub and link your Supabase project. Scoped tokens only — the service_role key stays in your project.

Step 02

Scan

Kelp reads your schema and code, then runs authorized probes. Every request is logged in your audit trail.

Step 03

Fix

Read a plain-language report, apply ready-made fixes with one click, and stay covered on every push to main.

§ 02bEvidence, not maybes

Proven, not theoretical.

Every finding Kelp files has been reproduced. Our executor re-runs the model's exploit before it becomes a ticket — no observable, no finding. That's why our reports are shorter than a scanner's, and why every line is real.

Guarantee · 01

Agents reason, adversaries prove.

Kelp's agents form hypotheses freely; the executor accepts them only when the exploit reproduces against your actual endpoints, with real user context.

Guarantee · 02

Auth model as ground truth.

Before any finding is filed, Kelp derives your app's auth model — cookies, CORS, JWTs, one-time tokens — and refuses findings that don't survive it. No CSRF cries on bearer-JWT apps.

Guarantee · 03

Full transcript per finding.

Every finding ships with the reasoning, the probe, and the response. Not a black box — the receipt for exactly how we know.

§ 03Pricing

Simple, per-project, no seat count.

Every plan gets the same three checks. Paid plans add continuous cover, auto-fix, and priority review.

Free
0one scan

One full scan, report only.

  • 1 project
  • All three checks
  • Full findings report
StarterRecommended
29per month

Continuous cover for your app.

  • 1 project
  • Continuous scanning
  • Auto-fix for RLS & secrets
  • Re-scan on every push
Agency
89per month

For studios shipping many apps.

  • Up to 5 projects
  • Everything in Starter
  • Priority human review
  • Email alerts
§ 04Questions

What people ask before they connect a repo.

Q · 01

Do I need to give Kelp my Supabase service-role key?

No. Kelp connects with a scoped Management API token, and we are moving to a per-project read-only Postgres role. Your service-role key never leaves your project.

Q · 02

Will Kelp change anything in my code without asking?

Never. Fixes for secrets are opened as pull requests against a fresh kelp/… branch, never pushed to your default branch. Database fixes are proposed as migrations you review and run yourself.

Q · 03

How is active testing safe on my production app?

Every campaign runs through a hard consent gate you accept per project — no consent, no probe. Evidence is stored as category plus count, never raw customer data, and every request is auditable.

Q · 04

Does Kelp claim to find every vulnerability?

No. We cover a small set of high-impact classes with high precision — the ones that actually breach AI-generated apps. Real fixes for RLS, secrets, and broken authorization beat a forty-page report of maybes.

§ 05Ready

Scan your app before your users do.

Connect a GitHub repo, accept the consent, and see your first findings within ten minutes. Free plan is a real full scan, not a teaser.