Security Guide for Bolt, Windsurf & Replit Apps
Using Bolt.new, Windsurf, or Replit to build your app? This cross-platform security guide covers the shared vulnerabilities across all three AI coding tools and how to protect your deployed applications.
By Paula C · Kraftwire Software · 9 min read
The Shared Security Problem Across AI Coding Platforms
Bolt.new, Windsurf, and Replit represent three different approaches to AI-assisted development. Bolt.new runs entirely in the browser with WebContainers. Windsurf uses AI-Flow in a desktop IDE. Replit provides a cloud-based environment with instant deployment. Despite these architectural differences, the applications they produce share remarkably similar security vulnerabilities.
Why? Because the underlying AI models have the same blind spot: **they optimize for functionality, not security**. Whether you're prompting Bolt, Windsurf's Cascade, or Replit's Ghostwriter, the AI generates code that works but doesn't think defensively.
This guide covers the security vulnerabilities common across all three platforms, the risks unique to each, and a unified checklist you can apply regardless of which tool you use.
---
Shared Vulnerabilities Across All Three Platforms
1. API Keys and Secrets in Client-Side Code
Every AI coding platform we've tested has this problem. When you ask the AI to "add Stripe payments" or "connect to my database," it places credentials where they're easiest to use - which is almost always in the frontend code.
**The pattern:** The AI generates a file like `config.js` or `utils.ts` containing your API key as a plain string constant. It works immediately, so you move on to the next feature. But that key is now bundled into your client-side JavaScript, visible to anyone who opens browser DevTools.
**Cross-platform impact:**
In **Bolt.new**, keys end up in the WebContainer bundle, accessible via the browser
In **Windsurf**, keys are hardcoded in source files that get deployed to hosting platforms
In **Replit**, keys in public Repls are visible to anyone who forks the project
**How to fix it:**
Use each platform's secrets management: Replit Secrets, `.env` files (excluded from git), or environment variables on your hosting provider
Search your codebase for common key patterns: `sk_live_`, `sk_test_`, `api_key`, `Bearer`, `password`
Move sensitive operations to server-side functions or API routes
Rotate any key that was ever in client-side code - it's been compromised
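The codebase search from the list above can be scripted. The following is an added example, not code from the original guide: it looks for the key patterns named above, and the file names, file contents, minimum lengths and rule names are assumptions made for illustration.

```javascript
// Constructed sample files; the "keys" in them are placeholders, not real credentials.
const SAMPLE_FILES = {
  'src/config.js': [
    "export const STRIPE_KEY = 'sk_live_CONSTRUCTEDSAMPLE0001';",
    "export const apiBase = '/api';",
  ].join('\n'),
  'src/utils.ts': [
    'const password = process.env.DB_PASSWORD;',
    "const api_key = 'constructed-sample-key';",
    "fetch(url, { headers: { Authorization: 'Bearer constructedSampleToken0001' } });",
  ].join('\n'),
};

const PATTERNS = [
  { name: 'sk-live-key', re: /sk_live_[A-Za-z0-9]{8,}/ },
  { name: 'sk-test-key', re: /sk_test_[A-Za-z0-9]{8,}/ },
  { name: 'bearer-token', re: /Bearer\s+[A-Za-z0-9._~+\/-]{16,}/ },
  // api_key / password assigned a quoted literal; values read from
  // process.env are not quoted literals, so they are not flagged.
  { name: 'hardcoded-credential',
    re: /(api[_-]?key|password)\s*[:=]\s*['"`][^'"`\s]{6,}['"`]/i },
];

// Keep only the first 8 characters so the report does not leak the secret again.
function redact(s) {
  return s.slice(0, 8) + '*'.repeat(Math.max(0, s.length - 8));
}

// files: { path: sourceText }. Returns one finding per matching rule per line.
function scanForSecrets(files) {
  const findings = [];
  for (const [file, text] of Object.entries(files)) {
    text.split('\n').forEach((line, i) => {
      for (const { name, re } of PATTERNS) {
        const m = line.match(re);
        if (m) findings.push({ file, line: i + 1, rule: name, match: redact(m[0]) });
      }
    });
  }
  return findings;
}
```

Run it over the built client bundle as well as the source tree, since the bundle is what the browser actually receives.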
2. Missing Authentication and Authorization
All three platforms make it trivially easy to build pages and API endpoints. None of them add authentication by default. The result: deployed applications with admin panels, user data endpoints, and management tools that anyone can access.
**Why this happens:** When you prompt "create an admin dashboard," the AI builds the UI and connects it to your data. It doesn't add login pages, session management, or route protection because you didn't ask for it. By the time you notice, the app is already deployed.
**Common patterns across platforms:**
Admin routes accessible without login (`/admin`, `/dashboard`)
API endpoints returning all user data without auth checks
File upload endpoints open to anonymous users
Delete/update operations with no identity verification
**How to fix it:**
Add authentication as the **first** feature, not an afterthought
Use established auth libraries: Supabase Auth, Clerk, Auth0, or Firebase Auth
Implement route middleware that checks authentication on every protected endpoint
Separate public and authenticated routes clearly
Test every route in an incognito window without logging in
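A default-deny route guard, as an added example that is not part of the original guide: every route requires a session unless it is explicitly listed as public, and the last function is the "incognito window" test expressed as code. The route table, role names and session shape are assumptions, and the guard is framework-agnostic rather than tied to any auth library named above.

```javascript
// Assumed route policy: anything not listed here requires a logged-in session.
const PUBLIC_ROUTES = new Set(['GET /', 'GET /login', 'POST /login']);
// Path prefixes that additionally require a specific role.
const ROLE_RULES = [{ prefix: '/admin', role: 'admin' }];

// Returns the HTTP status the guard produces before any handler runs.
function guard(method, path, session) {
  // Normalize so '/admin/', '/Admin' and '/admin?x=1' are all judged as '/admin'.
  const clean = path.split('?')[0].replace(/\/+$/, '').toLowerCase() || '/';
  if (PUBLIC_ROUTES.has(`${method} ${clean}`)) return 200;
  if (!session || !session.userId) return 401; // not logged in
  const rule = ROLE_RULES.find(
    r => clean === r.prefix || clean.startsWith(r.prefix + '/'));
  if (rule && session.role !== rule.role) return 403; // logged in, wrong role
  return 200;
}

// Which routes answer 200 with no session at all?
function reachableAnonymously(routes) {
  return routes
    .filter(([method, path]) => guard(method, path, null) === 200)
    .map(([method, path]) => `${method} ${path}`);
}

// Constructed route list covering the patterns listed above.
const APP_ROUTES = [
  ['GET', '/'], ['GET', '/login'], ['POST', '/login'],
  ['GET', '/dashboard'], ['GET', '/admin'], ['GET', '/admin/users'],
  ['GET', '/api/users'], ['POST', '/api/upload'], ['DELETE', '/api/users/42'],
];
```

Keeping the anonymous-reachability check in CI means a newly generated route fails the build until someone decides whether it is public.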
3. No Input Validation or Sanitization
AI-generated code trusts user input implicitly. Form handlers pass data directly to database queries. API endpoints accept whatever payload is sent. This opens the door to injection attacks across all three platforms.
**Attack vectors:**
**SQL Injection**: Malicious SQL in form fields that reads, modifies, or deletes your database
**XSS (Cross-Site Scripting)**: JavaScript injected through inputs that executes in other users' browsers, stealing their sessions or data
**Command Injection**: System commands embedded in input fields that execute on your server
**NoSQL Injection**: Malicious operators in MongoDB queries that bypass authentication
**How to fix it:**
Use parameterized queries or an ORM - never concatenate user input into queries
Validate every input: check type, length, format, and allowed characters
Use a validation library like Zod (TypeScript), Joi (JavaScript), or Pydantic (Python)
Sanitize HTML output with DOMPurify before rendering user-generated content
Implement Content Security Policy headers to mitigate XSS impact
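The first two fixes combined, as an added example that is not code from the original guide: inputs are checked for type, length and format, then handed to the database as bound parameters. The field names, limits and `users` table are assumptions; the validation is written by hand so the block runs without dependencies, where a real project would use one of the libraries listed above. The `{ text, values }` object is the shape node-postgres accepts in `query()`.

```javascript
const EMAIL_RE = /^[^\s@]{1,64}@[^\s@]{1,255}$/;
const NAME_RE = /^[\p{L}\p{N} .'-]{1,40}$/u; // letters, digits and a few separators

// Returns { ok: true, value } or { ok: false, errors: [fieldName, ...] }.
function validateSignup(body) {
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    return { ok: false, errors: ['body'] };
  }
  const isStr = v => typeof v === 'string';
  const { email, password, displayName } = body;
  const errors = [];
  // The type check comes first: an operator object such as {"$ne": null}
  // sent in place of a string is rejected here, before it reaches a query.
  if (!isStr(email) || !EMAIL_RE.test(email)) errors.push('email');
  if (!isStr(password) || password.length < 12 || password.length > 128) {
    errors.push('password');
  }
  if (!isStr(displayName) || !NAME_RE.test(displayName)) errors.push('displayName');
  if (errors.length) return { ok: false, errors };
  return { ok: true, value: { email: email.toLowerCase(), password, displayName } };
}

// User input appears only in `values`; the SQL text is a constant, so a quote
// or comment marker in the input cannot change the statement.
function buildInsertUser(value, passwordHash) {
  return {
    text: 'INSERT INTO users (email, display_name, password_hash) VALUES ($1, $2, $3)',
    values: [value.email, value.displayName, passwordHash],
  };
}
```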
4. Overly Permissive Database Access
When AI sets up database connections, it typically uses the highest-privilege credentials available. In Supabase apps, this means using the service-role key. In MongoDB apps, the root user. In PostgreSQL apps, the superuser account.
**Why it's dangerous:** High-privilege database access means any vulnerability in your app becomes a full database compromise. If an attacker finds a single SQL injection point, they can:
Read every table in the database
Modify or delete any record
Create new admin accounts
Export your entire dataset
**How to fix it:**
Use the minimum-privilege credential for your app's needs
In Supabase: use the anon key with RLS policies, never the service-role key in the frontend
In MongoDB: create application-specific users with limited permissions
In PostgreSQL: use GRANT to restrict table and column access
Implement Row-Level Security where supported
---
Platform-Specific Risks
Bolt.new Specific Risks
**WebContainer limitations**: Code runs in-browser, so server-side security patterns don't apply the same way
**Deployment gap**: The transition from Bolt's sandbox to a hosting provider often drops security configurations
**Package installation**: Bolt installs packages automatically without security auditing
**Preview URL exposure**: Bolt preview URLs can be shared accidentally, exposing development-state apps
Windsurf Specific Risks
**AI-Flow persistence**: Windsurf's AI remembers context across sessions, which can cause it to repeat insecure patterns from earlier in the conversation
**Multi-file changes**: Cascade edits multiple files simultaneously, making it easy to miss security regressions
**Extension ecosystem**: Windsurf plugins can introduce additional attack surface
**Local environment trust**: Code generated locally may work differently when deployed, especially around file paths and permissions
Replit Specific Risks
**Public by default**: Free Replit projects are public, meaning source code (including hardcoded secrets) is visible
**Shared hosting**: Multiple Repls share infrastructure, increasing the importance of proper isolation
**Always-on deployments**: Deployed Repls are continuously running, giving attackers a persistent target
**Fork exposure**: Public Repls can be forked, including any secrets committed to files
---
Your Cross-Platform Security Checklist
Apply this checklist regardless of which platform you use:
**Secrets Management**
✅ No API keys, passwords, or tokens in source code
✅ All secrets in environment variables or platform-specific secrets managers
✅ Sensitive keys rotated if they were ever committed to code
✅ Only publishable/public keys used in frontend code
**Authentication & Authorization**
✅ Authentication required on all non-public routes
✅ Authorization checked server-side on every request
✅ Admin functionality behind proper role verification
✅ Sessions expire and refresh appropriately
**Input & Output Security**
✅ All user inputs validated for type, length, and format
✅ Parameterized queries used for all database operations
✅ HTML output sanitized before rendering
✅ Error messages don't expose internal details
**Infrastructure**
✅ HTTPS enforced on all connections
✅ Security headers configured (CSP, HSTS, X-Frame-Options)
✅ Dependencies audited for known vulnerabilities
✅ CORS restricted to authorized origins only
**Database**
✅ Minimum-privilege credentials used
✅ Row-Level Security enabled where supported
✅ Database not directly accessible from the internet
✅ Backups configured and tested
---
Automate Your Cross-Platform Security Review
Manually checking every item on this list across multiple platforms is time-consuming and error-prone. SimplyScan automates the process for any deployed web application - regardless of which AI platform built it.
Enter your app's URL and get a comprehensive security report covering 14 categories and 51+ checks in 30 seconds.