Security sidecar
for vibe-coded apps

TLS, auth, rate limiting, WAF, and AI-readable logs. One binary, one config file. Zero-to-secure in minutes.

You vibe, we warden. Security is no longer your burden.

curl -sS https://vibewarden.dev/install.sh | sh
Read the Docs Star on GitHub

Everything you need, nothing you don't

Production-grade security from a single binary. No nginx, no certbot, no duct tape.

Automatic TLS

HTTPS certificates from Let's Encrypt, auto-renewed. Zero configuration needed.

Authentication

API keys, JWT validation, and OAuth2 proxy built in. Protect endpoints in one line.

Rate Limiting

Token bucket rate limiting per IP, user, or API key. Stop abuse before it starts.

WAF

Web Application Firewall with OWASP rules. Block SQLi, XSS, and path traversal.

AI-Readable Logs

Structured events with schemas, summaries, and payloads. Your AI agent can parse them.

Prompt Injection Detection

Catch prompt injection attacks aimed at your LLM-powered app before they reach your model.

Egress Proxy

Control and audit outbound traffic. Allowlist external APIs, block data exfiltration.

Security Headers

CSP, HSTS, X-Frame-Options, and more. Harden every response automatically.

Up and running in three steps

From zero to production-grade security in under five minutes.

Install

A single command. No dependencies, no package managers.

curl -sS https://vibewarden.dev/install.sh | sh

Configure

One YAML file. Human-readable, AI-configurable.

# vibewarden.yaml
upstream: http://localhost:3000
tls:
  auto: true
  domain: myapp.dev
auth:
  type: api-key
rate_limit:
  requests: 100
  window: 60s

Run

Start the sidecar. That's it. You're secure.

vibew dev
# Listening on https://myapp.dev
# TLS certificate ready
# WAF rules loaded
# Rate limiter active

Stop duct-taping your security

Replace a fragile stack of tools with a single binary that just works.

Before VibeWarden

  • nginx config files you copy from Stack Overflow
  • certbot cron jobs that silently break
  • fail2ban rules you never test
  • Hand-rolled auth middleware
  • Logs you can't search or parse

After VibeWarden

  • One binary, one config file
  • TLS certificates auto-renewed
  • WAF + rate limiting out of the box
  • Auth built in, configurable in YAML
  • Structured logs your AI agent can read

Ready to stop worrying about security?

Get VibeWarden running in front of your app in under five minutes.

curl -sS https://vibewarden.dev/install.sh | sh
vibew init --upstream 3000 --auth --rate-limit
vibew dev
Get Started Star on GitHub