VibeLint Blog

Security notes for AI-assisted development.

Practical guides on prompt injection, MCP risk, agent permissions, approvals, and action logs.

Featured guide

AI agent securityJune 29, 202614 min read

A practical, reviewable checklist for the controls that matter before an AI agent can touch real code, systems, or customer data.

Prompt injectionJune 29, 202610 min read

Trace untrusted instructions from their source to the model and from model output to every execution-capable sink.

MCP securityJune 29, 202611 min read

An MCP server extends what Claude Code can reach. Review identity, scopes, commands, network access, and approval behavior before connecting it.

Vibe codingJune 29, 202612 min read

Vibe coding becomes risky when working-looking output bypasses threat modeling, authorization review, dependency checks, and controlled deployment.

VibeLint Blog

Practical guides on prompt injection, MCP risk, agent permissions, approvals, and action logs.

AI agent securityJune 29, 202614 min read

A practical, reviewable checklist for the controls that matter before an AI agent can touch real code, systems, or customer data.

Prompt injectionJune 29, 202610 min read