Skip to content
Holding·last review29 May 2026

If a small business shipped a customer-facing app built with a no-code or vibe-coding platform and never ran a security review, the safe operating assumption is that its database is reachable from the public internet until proven otherwise, because spring 2026 scans found thousands of such apps actively leaking sensitive data and the common cause is open data-access defaults that the natural-language build does not close for you.

Anchored on spring 2026 security research: a RedAccess scan of roughly 380,000 publicly reachable apps built on no-code AI platforms (Lovable, Base44, Replit and others) found around 5,000 actively leaking sensitive data (API keys, customer records, in some cases payment or health data); separate testing by Escape.tech (Oct 2025) of about 5,600 production apps found roughly 2,000 vulnerabilities (not labelled critical); Lovable had a documented BOLA-class flaw between February and April 2026 where project links could expose other projects, with fixes shipped for new projects while some existing ones stayed open for a period. In May 2026 several platforms (Replit, Vercel and others) shipped built-in security scanners. Mechanism: the vibe-coding build defaults to open data access and skips the access-control review a developer would perform by habit. Scope: operator-register risk advisory, not a claim that any specific named app is currently leaking and not a recommendation to abandon these platforms; the prescription is to run the check. VERIFIED 2026-05-29: the RedAccess 380k/5k scan confirmed via Axios (axios.com/2026/05/07/loveable-replit-vibe-coding-privacy) and Security Boulevard; the Escape.tech figure (about 5,600 apps, about 2,000 vulnerabilities) is from an Oct 2025 report, not spring 2026 and not labelled critical; the Lovable BOLA window 3 Feb to 20 Apr 2026 and the Replit/Vercel May-2026 scanners confirmed (lovable.dev incident post and The Register). 30-day review cadence (28 Jun 2026), short because platform defaults and scanner tooling are changing fast. Trigger conditions: (1) the major platforms change their default to closed data access, which would soften the assume-it-is-public posture toward Partial; (2) a new published scan materially changes the scale of the problem; (3) a platform ships or withdraws a built-in security scanner that changes the recommended check. Related: the solopreneur stack-consolidation piece (/operators/solopreneur-ai-stack-consolidation/) and the small-business vendor red-flags piece (/operators/ai-vendor-redflags-smb/).

Published
29 May 2026
Last reviewed
29 May 2026
Next review
+10d· 28 Jun 2026
Cohort
1-50 person business that has shipped an app built with a no-code or vibe-coding platform holding real customer or business data
Cadence
30-day
Primary sources
Embed this claimiframe + oEmbed
HTML iframe
Paste-the-URL (Substack, Medium, Notion, WordPress)

The card auto-updates when the claim's status, last-reviewed date, or correction log changes. Embedders never need to refresh — the card is rendered live from the canonical record.

Watch this claim

Email-me when OPS-082's status, next review date, or correction log changes. One email per change. No newsletter subscription, no other mail.

The claim: If a small business shipped a customer-facing app built with a no-code or vibe-coding platform and never ran a security review, the safe operating assumption is that its database is reachable from the public internet until proven otherwise, because spring 2026 scans found thousands of such apps actively leaking sensitive data and the common cause is open data-access defaults that the natural-language build does not close for you.

About this register

The Operators register tracks claims published from practitioner-advisory pieces addressed to solo founders, micro-SMB, and small businesses up to around fifty people. Claims are reviewed on a 30–45 day cadence — tooling and SMB-relevant pricing shift faster than enterprise procurement signals.

Recent corrections in Operators

  • OPS-068 · Partial · 17 Jun 2026

    Source-text re-review: the '$300-$500 (2024) toward $100-$130 (early 2026)' median trajectory is not stated in either cited source — the Godberry Studios teardown reports stack cost by revenue tier (not a year-over-year median) and BetterCloud's SaaS-industry data covers enterprise spend, not solopreneur AI subscriptions. The compression direction is supported by the Godberry tier data and observable foundation-model bundling; the specific year-anchored median figures are reclassified as source:our-estimate in the article. The load-bearing claim (active compression / category-collapse) holds; status moved to Partial pending a primary source carrying a dated solopreneur-median series.

  • OPS-051 · Partial · 10 Jun 2026

    One named member of the generation cluster was already defunct at publication: Tome shut down its presentation/narrative product (Tome Slides) in March 2025 and pivoted to sales tooling, with the brand later sold to AngelList (deckary.com shutdown timeline; signalhub.substack.com post-mortem, both checked 10 Jun 2026). The generation cluster reduces to Pitch + Gamma. The two-cluster thesis itself is unaffected and arguably strengthened — the pure AI-narrative product failed to find a sustainable business while Gamma (70M users, $100M ARR as of Nov 2025) and the assembly cluster (PandaDoc, Better Proposals, Proposify per Luniq 2026 agency comparison) both compound. Status Up → Partial for the factual error in the tool list.

  • OPS-022 · Partial · 10 Jun 2026

    Vendor attribution error in the claim text. The claim names Polley Faith among 'Spellbook with named small-firm customers Westaway, KMSC Law, Polley Faith'. Polley Faith LLP is a Harvey-listed law-firm customer, not a Spellbook customer: the live Spellbook site (now spellbook.com; spellbook.legal 301-redirects) names Westaway, KMSC Law, and McInnes Cooper with no Polley Faith, and the source article's own body correctly places Polley Faith on Harvey's roster — the claim text and the article excerpt bundled it with the wrong vendor at publish. The remaining legs verify against extracted source text on 10 Jun 2026: Anthropic's GC AI customer story carries 'More than 1,500 companies' and '14 hours saved per week on average ... based on a survey of more than 100 active customers' verbatim; Harvey's published roster (Thompson Hine, Fox Rothschild, Lowenstein Sandler, Polley Faith) matches; ABA Formal Opinion 512 remains the governance baseline. The corpus reading (AI ships at 1-to-20 lawyer scale; privileged work stays on Enterprise-tier zero-retention access) is unaffected. Status Up -> Partial.

Reviews coming up in Operators

  • OPS-030 · Holding · next +9d (27 Jun 2026)

    The fastest path for an owner-operator to build practical agentic-AI competence in 2026 is the three-week build-by-ship…

  • OPS-029 · Holding · next +9d (27 Jun 2026)

    For solo founders and small teams (under ~50 people) building with AI in 2026, the build-vs-buy decision tree has inver…

  • OPS-005 · Holding · next +9d (27 Jun 2026)

    At sub-1M tokens per month (typical SMB agent volume) in 2026, the absolute dollar gap between Claude Haiku 4.5, GPT-4o…