Is my source code sent to ShipSafe servers?

Never. ShipSafe runs entirely on your machine. Scans, analysis, and auto-fixes all happen locally. Your source code never leaves your computer. No account required. Works offline.

How do I install ShipSafe?

Run: npm install -g @shipsafe/cli. Then run 'shipsafe scan' in any project directory. That's it — zero configuration required.

What does ShipSafe detect?

ShipSafe has 1,200+ detection rules covering SQL injection (127 rules), XSS (143 rules), prompt injection (7 rules), command injection (89 rules), SSRF (67 rules), hardcoded secrets (174 patterns), insecure authentication (98 rules), malicious MCP servers (30 patterns), path traversal, insecure deserialization, and more.

How is ShipSafe different from Snyk or SonarQube?

ShipSafe runs entirely locally (Snyk requires cloud), has AI-specific security rules like prompt injection and malicious MCP server detection (unique to ShipSafe), strips image metadata, and includes an MCP server for AI coding assistants. It's built for solo developers and small teams who use AI coding assistants.

Can I use ShipSafe with Claude, Cursor, or other AI tools?

Yes. ShipSafe includes an MCP server with 8 tools that plug directly into Claude, Cursor, Windsurf, and any other MCP-compatible assistant. Your AI can check security while it writes code.

What is prompt injection and does ShipSafe detect it?

Prompt injection is when untrusted user input is passed directly into LLM prompts, allowing attackers to manipulate AI behavior. ShipSafe has 7 dedicated rules that detect unsanitized user input in LLM prompts, system prompt leakage, indirect prompt injection via retrieved content, and prompt template manipulation.

What are malicious MCP servers and how does ShipSafe detect them?

Malicious MCP servers are rogue AI tool servers that can steal credentials, exfiltrate code, or inject malicious prompts. ShipSafe's scan-environment command checks your MCP configurations, CLAUDE.md files, git hooks, and npm scripts for 30 threat patterns including credential theft, data exfiltration, and prompt injection.

Yes. The free tier includes full security scanning with 1,200+ rules, git pre-commit hooks, baseline/delta mode, and support for 1 project. Pro ($19/mo) adds knowledge graph analysis, auto-fix, monitoring, and MCP server. Team ($49/mo) adds GitHub App integration and source maps.

How does ShipSafe reduce false positives?

ShipSafe uses Tree-sitter AST analysis to understand code context — it knows whether a variable comes from user input and whether it's been sanitized before reaching a dangerous sink. This context-aware detection dramatically reduces false positives compared to regex-only scanners.

Is it safe to use claude --dangerously-skip-permissions with ShipSafe?

ShipSafe's git pre-commit hooks provide a safety net when using --dangerously-skip-permissions. Even if Claude Code writes insecure code in autonomous mode, ShipSafe blocks the commit if it contains hardcoded secrets or critical vulnerabilities. Install hooks with: shipsafe hooks install.

March 17, 2026

5 Security Risks of AI-Generated Code (and How to Fix Them)

AI coding assistants ship features faster than any human developer. They also ship vulnerabilities faster. Here are the five biggest security risks of AI-generated code — also known as “vibe coding” — and practical strategies for detecting and fixing each one.

Prompt Injection in AI Features

When AI assistants build features that call other AI APIs, they often pass user input directly into prompts without sanitization. This is prompt injection — the #1 risk in the OWASP Top 10 for LLM Applications.

// AI-generated code — looks fine, is vulnerable
app.post("/chat", async (req, res) => {
  const response = await openai.chat.completions.create({
    model: "gpt-4",
    messages: [
      { role: "system", content: SYSTEM_PROMPT },
      { role: "user", content: req.body.message }, // injection!
    ],
  });
});

The fix: Validate and sanitize user input before passing it to LLM APIs. Set input length limits. Use prompt boundary tokens. ShipSafe has 7 dedicated prompt injection rules that catch this pattern automatically.

Hardcoded Secrets and API Keys

This is the most common vulnerability in AI-generated code. AI assistants often use API keys they find in the project context, or generate placeholder keys that look real. Developers then commit the code without noticing.

// AI helpfully adds your Stripe key directly
const stripe = require("stripe")("sk_live_4eC39HqLyjWDarjtT1zdp7dc");

// AI copies the database URL from your .env into code
const db = new Pool({
  connectionString: "postgresql://admin:secret@db.example.com/prod"
});

The fix: Always use environment variables for secrets. Install ShipSafe git hooks to block commits containing any of the 174 detected secret patterns.

SQL Injection in Database Queries

AI assistants sometimes generate raw SQL queries with string interpolation instead of parameterized queries. This is especially common when the AI is not sure which ORM you use, or when generating complex queries that do not fit the ORM API.

// AI generates a search endpoint with raw SQL
export async function searchProducts(query: string) {
  const results = await db.execute(
    `SELECT * FROM products WHERE name LIKE '%${query}%'`
  );
  return results;
}

The fix: Always use parameterized queries. With Prisma, use the tagged template syntax. ShipSafe has 127 SQL injection rules including Prisma and Next.js-specific awareness.

Missing Authentication and Authorization

When AI generates API endpoints, it often focuses on functionality and skips authentication. This is especially dangerous for admin routes, delete operations, and data modification endpoints. The AI gets the business logic right but forgets the security layer.

// AI generates working CRUD — but no auth
app.delete("/api/users/:id", async (req, res) => {
  await db.query("DELETE FROM users WHERE id = $1", [req.params.id]);
  res.json({ deleted: true });
});

// Anyone can delete any user!

The fix: Always add authentication middleware to sensitive routes. ShipSafe detects 98 authentication vulnerability patterns including missing auth middleware, weak password hashing, and insecure session management.

Image Metadata Leaking Location Data

This risk is unique to applications that handle user-uploaded images. Every photo taken with a smartphone contains EXIF metadata including GPS coordinates, camera model, timestamp, and sometimes even the photographer’s name. When your app serves these images without stripping metadata, you are leaking user location data.

AI assistants almost never think about image metadata. They build the upload, processing, and serving pipeline — but leave EXIF data intact.

The fix: ShipSafe’s MetaStrip integration (added in v1.0.6) automatically detects and strips image metadata from committed images. The git hook catches images with GPS data before they reach your repository.

The Vibe Coding Security Stack

If you use AI to write code (and you should — it is incredibly productive), protect yourself with this stack:

Install ShipSafe: npm install -g @shipsafe/cli
Set up git hooks: shipsafe hooks install — blocks vulnerabilities before commit
Add the MCP server: Let your AI assistant scan while it codes
Scan cloned repos: shipsafe scan-environment to detect environment threats
Set a baseline: shipsafe scan --baseline to track only new findings

AI Speed Requires AI Security

The productivity gains from AI coding are too large to ignore. But shipping code at AI speed without security scanning is like driving 200 mph without a seatbelt. ShipSafe is the seatbelt. It runs at machine speed, catches machine-generated vulnerabilities, and integrates directly with your AI workflow through MCP.

Security should not slow you down. With ShipSafe, it does not.

Secure Your AI-Generated Code

1,261 detection rules. AI-specific security. Free forever for solo projects.

npm install -g @shipsafe/cliGet Started Free