u/5skandas

A while back I started a hobby of digging into the source code of websites I suspected to be vibecoded and I was horrified by what I have seen. Hardcoded API keys and admin credentials, completely exposed API endpoints allowing me to modify content (did that by mistake, never did it again), exposed NextJS config files. What do I do if I can’t find a contact for the site admin?

The common denominator with these sites is they are all React / NextJs / Vite with heavily commented code with similar mistakes so I’m assuming they’re all vibecoded.