Speed is the whole point of vibe coding. You type a high-level prompt, an LLM agent generates the code, and your app goes live in minutes instead of weeks. It feels like magic until you find out that magic often comes with a hidden price tag: security holes wide enough to drive a truck through.
The problem isn't just that AI makes mistakes. The problem is that it makes *specific* kinds of mistakes at scale. Recent research shows that while these models might pass functional tests half the time, they fail over 80% of security benchmarks. If you are managing projects built this way, you cannot rely on traditional security reviews alone. You need a new triage strategy focused on severity, exploitability, and impact tailored specifically for AI-generated code.
Why Vibe-Coded Code Is Different
To understand how to triage vulnerabilities here, you first have to understand why they appear. When you ask an Large Language Model (LLM) to write code, it doesn't think about security architecture. It predicts the next most likely token based on billions of lines of existing code. Much of that training data contains insecure patterns-hardcoded passwords, missing input validation, and legacy libraries.
This creates a unique risk profile. A human developer might forget one check here or there. An LLM, however, can propagate a single insecure pattern across dozens of files in seconds. According to data from Escape.tech, in a study of vibe-coded applications, over 62% of verified vulnerabilities involved exposed secrets or personally identifiable information (PII). Another 28% were critical access control failures. These aren't edge cases; they are the default output when security isn't explicitly prompted.
The speed of deployment exacerbates this. In traditional development, you might wait weeks for a release candidate. In vibe coding, the feedback loop is measured in seconds. If you don't catch these issues immediately, they become part of the core logic, making them harder to fix later without breaking functionality.
The Three Pillars of Triage: Severity, Exploitability, Impact
When a scanner flags an issue in an AI-generated project, your instinct might be to look at the CVSS score first. That’s a mistake. In the context of vibe coding, you need to weigh three factors differently than you would in hand-written code.
- Severity: How bad is the flaw technically? Is it a buffer overflow or a minor cosmetic bug?
- Exploitability: How easy is it for an attacker to trigger this? AI code often leaves doors wide open because it defaults to permissive settings.
- Impact: What happens if it gets exploited? Does it leak user data, allow admin takeover, or just crash the page?
Vidoc Security’s analysis provides a clear hierarchy for exploitability in AI code. Hardcoded secrets are exploitable in 100% of cases with trivial effort. Broken authorization follows closely at 87% exploitability with moderate effort. Insecure deserialization is lower at 63%, requiring advanced skills. If you see a hardcoded API key in a vibe-coded backend, do not debate its severity. Fix it now. It is the equivalent of leaving your house keys under the mat.
Benchmarking Reality: The SusVibes Data
You might wonder if these risks are theoretical. They are not. The SusVibes benchmark, published in late 2025, tested frontier LLMs against 200 tasks spanning 77 Common Weakness Enumeration (CWE) types. The results were stark. Models failed more than 80% of these security tests despite passing over 50% of functional tests.
Why does this matter for triage? Because it proves that "working code" is not "secure code." An LLM can generate a parser that correctly reads a file format but fails to sanitize inputs, leading to remote code execution. When triaging, you must assume that any complex logic generated by an AI has latent security flaws unless proven otherwise. Do not trust the fact that the feature works. Trust only the security scan.
| Vulnerability Type | Prevalence in Vibe Coding | Primary Cause | Triage Priority |
|---|---|---|---|
| Hardcoded Secrets | Very High (62%+) | LLM training on public repos | Critical (Immediate) |
| Broken Access Control | High (28%) | Lack of architectural context | Critical (Same Day) |
| SQL Injection / XSS | Moderate-High | Missing input sanitization prompts | High (Within 48 Hours) |
| Insecure Dependencies | Moderate | AI suggesting outdated packages | Medium (Next Sprint) |
Building a Triage Workflow for AI Code
You cannot manually review every line of code generated by an LLM. It is too much volume. Instead, you need a layered defense that automates the initial triage and reserves human expertise for the hardest problems.
Layer 1: Automated Scanning in CI/CD
Integrate Static Application Security Testing (SAST) tools like SonarQube into your pipeline immediately. These tools detect about 85% of code quality and security issues. For dynamic testing, use tools like OWASP ZAP to probe running applications. This catches the low-hanging fruit: syntax errors, obvious injection points, and known vulnerable library versions.
Layer 2: AI Self-Reflection
This is a newer technique but highly effective. After the LLM generates code, feed that code back into the model with a specific prompt: "Review this code for security vulnerabilities such as SQL injection, XSS, and hardcoded secrets. Suggest fixes." Research from Databricks showed that adding this self-reflective step reduced vulnerability rates by 57%. It forces the model to act as its own auditor, catching many logical errors it missed during generation.
Layer 3: Human Expert Review
Reserve human security engineers for the high-severity, low-exploitability issues and architectural decisions. Humans are needed to understand context that AI misses. For example, an AI might correctly encrypt data at rest but fail to realize that the encryption key is stored in the same database table. Only a human can spot that systemic design flaw.
Prioritizing with a Modified Risk Model
Traditional risk models like DREAD (Damage, Reproducibility, Exploitability, Affected Users, Discovery) need tweaking for vibe coding. ReversingLabs suggests a modified approach where 'Exposure' carries the highest weight (40%). Why? Because vibe-coded projects deploy so fast that exposure windows are short but intense. If a secret is leaked, it stays leaked forever. Therefore, prioritize issues based on how quickly they can be exploited and how widely the code is distributed.
- Exposure (40%): Is this code public? Is it in a shared library?
- Damage (30%): Can an attacker read/write/delete data?
- Reproducibility (15%): Is the bug consistent?
- Exploitability (10%): How much skill is needed to hack it?
- Affected Users (5%): How many people are impacted?
Use this weighting to sort your backlog. A minor UI glitch affecting 100 users is less urgent than a medium-complexity SQL injection affecting 10 users if that injection exposes their credit card numbers.
Common Pitfalls to Avoid
One major trap is assuming that fixing a vulnerability in one place fixes it everywhere. Because LLMs copy patterns, a hardcoded password might appear in five different files. When you patch one, you must search the entire repository for similar strings. Tools like GitGuardian help here by scanning all repositories, wikis, and chat logs for secrets, ensuring you rotate credentials globally rather than locally.
Another pitfall is over-trusting automated fixes. If you ask an LLM to fix a security bug, it will often introduce a new one. The arXiv study found that in 68% of cases, models attempting to fix vulnerabilities created new security issues. Always treat AI-proposed patches as drafts, not final solutions. Verify them with both automated scanners and manual review.
Conclusion: Security Is a Prompt, Not an Afterthought
Triaging vulnerabilities in vibe-coded projects requires a shift in mindset. You are no longer just reviewing code; you are managing a probabilistic output engine. By focusing on exploitability, leveraging AI self-reflection, and prioritizing based on exposure, you can keep pace with the speed of development without sacrificing safety. Remember, the goal isn't to stop using AI. It's to use it responsibly, with eyes wide open to the risks it introduces.
What is the most common vulnerability in vibe-coded projects?
According to Escape.tech research, the most common issues are exposed secrets and personally identifiable information (PII), accounting for over 62% of verified vulnerabilities. This happens because LLMs often hallucinate or reuse hardcoded credentials from their training data.
Can AI tools automatically fix security vulnerabilities?
Not reliably. While AI can suggest fixes, studies show that in 68% of cases, LLMs introducing new vulnerabilities while trying to fix existing ones. AI should be used for detection and drafting patches, but human verification is mandatory before merging code.
What is the SusVibes benchmark?
SusVibes is a security benchmark for LLMs released in late 2025. It tests models against 200 tasks covering 77 CWE types. It revealed that while LLMs pass over 50% of functional tests, they fail more than 80% of security tests, highlighting a significant gap in AI coding capabilities.
How does exploitability differ in AI-generated code?
In AI-generated code, exploitability is often higher because models tend to default to permissive configurations. For example, hardcoded secrets are exploitable in 100% of cases with trivial effort, whereas broken authorization is exploitable in 87% of cases. This makes immediate triage crucial.
What tools should I use for triaging vibe-coded projects?
A layered approach works best. Use SAST tools like SonarQube for static analysis, DAST tools like OWASP ZAP for dynamic testing, and secret scanning tools like GitGuardian. Additionally, implement an AI self-review step where the LLM audits its own code before human inspection.