You’re viewing an example audit
Fortivibe reviews your app for the security, data, reliability, and deployment issues that can turn a promising prototype into a production headache.
Run an Audit on My AppThis app is NOT production-safe yet!
We found 7 critical/high-severity issues that could impact security, data, or reliability. We do not recommend shipping to production until the following issues are reviewed and resolved.
Urgent Issues
7
Est. Time to Fix
~4 hours
Files Checked
139
Dependencies Checked
42
Fix Before Launch
8 launch blockers
|
secrets |
Critical |
.env file appears committed |
||
|
secrets |
Critical |
OpenAI API key appears exposed client-side |
||
|
security |
High |
CORS allows wildcard origin |
||
|
security |
High |
Raw error may be returned to client |
||
|
validation |
High |
API route appears to be missing input validation |
Fix Soon
4 issues to fix
|
security |
Medium |
Content Security Policy appears missing |
||
|
runtime |
Medium |
Debug mode appears enabled |
||
|
ux |
Medium |
Error boundary appears missing |
||
|
ux |
Medium |
Loading states appear missing |
Polish Later
4 issues to fix
|
hygiene |
Low |
console.log detected in production code |
||
|
browser |
Low |
External link opens new tab without safe rel |
||
|
hygiene |
Low |
TODO/FIXME/HACK comments detected |
||
|
metadata |
Low |
Meta description appears missing |