Free until we find your first real vulnerability · Card optional · No trial timer

Catch the bug
before your AI ships it.

Connect in 30 seconds. We make your Lovable, Replit, Devin, Base44, Cursor or Claude Code security-aware — every file it writes, every dependency it installs. You don't pay a cent until we actually find a real vulnerability in your app. No trial countdown, no card on file unless you choose. If we never earn it, you never pay.

And when we do find something — your AI fixes it in the same loop. You see clean code, not bug reports.
Oh no.

Real breaches from AI-shipped apps.

Six headlines from the last twelve months. They are the same bug shapes Literal Security catches before they land.

If you're reading this thinking "couldn't happen to me" — it absolutely could, and it's the same six patterns every time. The Gate catches each one before your AI saves the file.

Anything you build · any vague prompt · zero shipped bugs

No clicks. No paste.
Just watch us catch the bugs as your AI types them.

Whatever you build with — Lovable, Bolt.new, Replit Agent, Cursor, Claude Code, anything that speaks MCP. Three real prompts, nine catches, all in 40 seconds.

[Demo recording: Cursor with Claude Opus 4.7, prompt "build me a notes API", scene 1 of 3, file api/notes.ts]
The promise

We earn it before you pay it.

Most security tools charge you to find out if they're useful. We do the opposite. Sign up, connect, and ride free until the day Literal Security finds an actual vulnerability in your app. If we never catch one, you never owe a cent. If we do, you decide if seeing the fix is worth a plan.

  1. Sign up free

     No credit card. No trial countdown. No "verify your card to continue." Sign in with Google, GitHub, or a one-click email link — under a minute.

     $0

  2. We watch silently

     Your AI builds. We install guardrails inside its writing loop — so every file it writes gets scanned by Literal Security before it saves: auth, secrets, SQL, dependencies, the lot. Findings stay zero, you stay free. Forever, if your code stays clean.

     Still $0

  3. We catch a real bug

     The day a real vulnerability appears, we hold the details and tell you it's there. That's the only moment we ask for a card. Subscribe → see the finding → your AI fixes it → ship.

     Now we earn it
No credit card required to sign up. Card is only requested after we find your first real vulnerability — and only if you choose to subscribe.
No trial timer. If we never find a finding, you never get charged. Free is free, not "free for 14 days."
The trigger is real findings, not engagement. Logging in, running checks, scanning files — none of it counts. Only an actual vulnerability flips the switch.
What we catch

Every bug shape your AI ships by accident.

100+ checks across the OWASP Top-10, secret detection, supply-chain, auth, crypto, and AI-coded-app patterns. Below is a sample of the classes that show up in real vibe-coded apps every week — each one Literal Security catches before the file lands.

A sample of what we catch
  • Leaked secrets — Stripe / OpenAI / Anthropic / AWS / Supabase keys hardcoded in source, env vars exposed in client bundles
  • SQL & NoSQL injection — string-concatenated queries, unsanitized operators reaching the engine
  • Missing auth checks — protected routes without an authorization guard, IDOR via raw object-id params
  • Supabase / Postgres RLS gaps — service-role keys in client code, tables exposed without row-level policies
  • Typosquats & supply-chain — loadsh / axois / hijacked maintainers / malicious post-install scripts
  • XSS & injection sinks — unsanitized innerHTML, dangerouslySetInnerHTML, eval over user input
  • Open redirects & SSRF — returnUrl reaching res.redirect without an allowlist
  • Weak crypto — MD5/SHA-1 for passwords, Math.random for tokens, hardcoded IVs
  • JWT misconfig — alg: none accepted, RS↔HS confusion in verifiers
  • CORS + credentials — wildcard origin paired with credentialed requests
  • Path traversal — user input reaching fs.readFile / fs.writeFile without containment
  • Exposed admin paths — /debug / /__internal / /admin shipped without auth

…and 90+ more — prototype pollution, mass assignment, ReDoS, deserialization, weak randomness, race conditions, unsigned webhooks, debug endpoints in prod, dependency-confusion, RCE in lockfile drift, and the long tail of trending-vuln rules updated as new patterns hit the wild.

Pricing

Plans for each moment
in your app's life.

Free until we find your first real vulnerability. The day we earn it, you pick the plan that matches the stakes. No card before then. No per-seat games. Cancel any time. Annual saves 30%.

Two layers. One complete cycle.

Findings come with auto-fix steps your AI applies in-line — no dashboards to babysit, no reports to read. The work happens where you build.

Defensive

The Gate

We install guardrails inside your AI's writing loop. Every file it writes gets scanned by Literal Security before it lands on disk — and the AI rewrites the file if we flag a finding. The bug never gets typed past the gate.

When code is being written.
Offensive

Probe

No tool on earth catches every bug at write-time. Things change: a maintainer pushes a malicious update, a CVE drops on a package you already shipped, an edge case in the AI's diff slips through. While you're not coding, Probe is. It hits your deployed app the way an attacker would — XSS reflections, open redirects, missing security headers, exposed admin paths, leaky endpoints — and verifies what's running is actually safe.

While you're away from the keyboard.

The Gate alone is preventive. Probe alone is reactive. Together they close the loop: nothing ships without being checked, nothing running stays untested.

Every plan includes
  • Auto-fix inline — your AI applies the fix in the same chat turn
  • Guardrails inside your AI — your AI consults Literal Security before each Write / Edit / install / deploy, applies the fix inline, then proceeds. Works in Cursor, Claude Code, Lovable, Replit, Bolt, v0, Windsurf, Cline, Codex, Base44.
  • /secure for end-of-session sweeps — optional, but a good habit before you close the tab
  • Pre-deploy gate · unlimited checks · cancel anytime
  • Cancel anytime · 30% off annual · no card until first finding
Defensive
vibe coder defensive
We install guardrails inside your AI so it stays security-aware. Your AI catches the bug — secrets, SQL injection, missing auth, hijacked deps — before it ever lands on disk.
$14.99 / month
  • Guardrails fire on every code-shaped action — Write, Edit, refactor, install, deploy
  • Catches across 100+ rule classes: leaked secrets, SQL/NoSQL/cmd injection, missing auth, IDOR, RLS gaps, hardcoded credentials, weak crypto, typosquats, prototype pollution, eval over user input, open redirects, SSRF
  • Auto-fix delivered inline — your AI rewrites the file before saving, no copy-paste back into chat
  • Pre-deploy gate before push to main / wrangler / vercel
  • Trending-vuln rules updated continuously as new attack patterns appear
  • Defensive layer only — no offensive Probes, no 24/7 continuous monitoring
  • Email support
Defensive + Offensive
vibe coder offensive
2 offensive Probes a month, on demand. Write-time guardrails can't see what changes after you ship — a dep gets a fresh CVE next week, a maintainer flips, a config drifts on the host, an attacker finds a path your AI didn't think to test. Probe hits your deployed app the way an attacker would and audits everything: live URL, dependency tree, bundles + open-web secrets, connected GitHub repo. Manual trigger, your timing.
$29.99 / month
  • Everything in vibe coder defensive, plus —
  • 2 offensive Probes per month — manual trigger, your timing
  • Findings delivered with reproduction steps and the exact fix to apply
  • Optional GitHub repo connection — adds commit-history secret scanning
  • DNS-TXT verification on every target so we only scan what you own
  • Re-run a Probe any time within your quota, no rate-limit between runs
2 probes / month
Defensive + Offensive + 24/7 monitoring
vibe coder everything
While you're not coding, we are. Same full audit as offensive — running 24/7 in the background. The moment a CVE drops, a maintainer flips, or a key leaks anywhere on the open web or in your repo, we know — even if your laptop is shut.
$99.99 / month
  • Everything in vibe coder offensive, plus —
  • Continuous 24/7 coverage — the full audit runs around the clock instead of 2× a month
  • Continuous supply-chain monitor — maintainer takeovers, hijacked packages, lockfile drift, new transitive deps caught the moment they enter your tree
Continuous coverage on your project
Honest answers

Things people actually ask.

I don't know what RLS or IDOR or CSRF means. Does this still help me?

That's exactly who this is for. We translate every finding into a sentence a human can act on: "Anyone could read other users' notes. Add a login check at the top of this function." You don't need the jargon — your AI applies the fix, we just tell it where to look.

Does it auto-fix the code, or do I have to do it?

Auto-fix is the default. Every finding ships with the exact change to make, and your AI applies it before saving the file — same chat turn that produced the bug. You see the corrected code land directly; there is no separate triage step, no copy-paste cycle, no severity badges to click through.

You always see what changed and can roll it back like any other AI edit. For Probes (offensive plan), findings come with reproduction steps + the exact patch — your AI applies them on the next pass.

How does free actually work? When do I get charged?

Sign up, connect Literal Security to your AI, build normally. The guardrails are active from minute one. You only pay if we ever catch a real vulnerability in your app — and when that moment comes, we tell you plainly: "We caught your first real bug. To keep the guardrails on, pick a plan." No hidden findings, no "subscribe to view" gimmick — we just stop free coverage from continuing past the moment we earned it.

If your code stays clean, you stay free. There is no trial timer, no card on file unless you choose, no auto-conversion. The first time we catch a real bug is the first time you see a charge — and never before.

Will it slow my AI down?

The check runs server-side and returns in well under a second on typical files. Your AI sees a single tool-use tick in the chat, then keeps going. Compared to the 10–60 seconds it usually spends thinking about a feature, the security pass is rounding error.

What stops my AI from skipping the guardrail when I'm in a hurry?

The guardrail is configured at the session level — your AI is told to consult Literal Security before any code change, including small ones, including ones you said "just ship it" to. If you genuinely need to override (rare), you tell the AI in your own words, and that override is logged with your reason. The guardrail can be argued with; it cannot be silently disabled.

Which AI tools does this work in?

Anything that speaks MCP — Cursor, Claude Code, Lovable, Replit, Bolt.new, v0, Windsurf, Cline, ChatGPT Codex, Base44. Setup is a single config block from your dashboard pasted into your tool's MCP settings. ~30 seconds total.

Is my code sent anywhere? What about privacy?

The file content your AI is about to write is sent to our scanner over TLS, scanned in memory, and discarded. We do not retain source code, we do not train on it, and we do not share it. Findings are stored against your account so you can audit them; the underlying source is not.

How is this different from running a regular SAST tool or a DAST scanner?

SAST and DAST tools scan code that has already been written or already shipped — they generate reports you read later. Literal Security runs inside the AI's writing loop, so the bug never makes it onto disk in the first place. Probe (on the offensive plan) is our complement to DAST for what changes after deploy. Most teams want both; we focus on the layer that doesn't exist yet.

Can I cancel anytime?

Yes. Month-to-month, no commitment. You can cancel from the billing page; access continues to the end of your current billing period.

Ship the app.
Skip the breach.

One-click sign-in. Connected to your AI in under a minute. No credit card. We don't charge until we find a real vulnerability — and only if you choose to subscribe.

Sign up free →