← All resources
LM-12 · Ship · 10 items
Vibe-Coded App Risk Checklist
10 highest-leverage checks before you ship to customers
Built with Cursor, Lovable, or Bolt? These ten items catch the failures that block launch week — auth, secrets, RLS, HTTPS, and ops basics.
No email required for direct download. Privacy policy.
Preview
Work through each section at your pace.
Before real users
- Secrets and API keys are not in git or client-side bundles
- Authentication tested for signup, login, logout, and password reset
- Row-level security or equivalent enforced on every data read/write path
- Admin and privileged routes require explicit role checks server-side
- HTTPS enforced everywhere; HTTP redirects to TLS
- Automated backups scheduled with a tested restore procedure
- Error tracking and uptime checks alert someone when production breaks
- Production environment separate from dev — no shared database
- Deploy pipeline promotes from a tagged release, not a laptop copy
- Launch smoke test completed on the production URL with a runbook written
Email me the PDF
Optional — we will send a link to your inbox. Direct download stays available above.