This article details how the Escape research team identified over 2,000 vulnerabilities in more than 5,600 applications built with vibe coding platforms. It explains their methodology, which included data gathering, attack surface scanning, and the introduction of the Visage Surface Scanner to analyze frontend code for security weaknesses.

As AI coding tools produce software rapidly, researchers highlight that the real issue is not the presence of bugs but a lack of judgment in the coding process. The speed at which vulnerabilities reach production outpaces traditional review processes, and AI-generated code often incorporates ineffective practices known as anti-patterns. To mitigate these risks, it's crucial to embed security guidelines directly into AI workflows.