Sample Scan Report
See what a CheckYourVibe scan looks like
Good news
14 checks passed
What needs work
1 critical 1 medium 1 low
Let's get to work!
0% complete
0verified
0fixed
0ignored
3remaining
Re-scan to verify your fixes and move resolved issues off the list.
critical
Your Stripe API Key is Visible
What's happening
Your secret Stripe key (sk_test_...) is in your JavaScript file that anyone can view in their browser. Someone could use this key to create fake charges or steal customer data.
Evidence
Found in /assets/main.js: sk_test_51H...redacted
How to fix this
My Stripe secret key is exposed in my client-side code. Move it to a server-side environment variable and create an API endpoint to handle Stripe operations securely. I'm using Next.js with Vercel.
1 of 3