
Vibe Code Analyzer.

AI-powered codebase audit tool that scans vibe-coded projects across 12 quality dimensions — security vulnerabilities, dead code, dependency risks, and performance bottlenecks. Plain-English reports with severity scores and exact file paths.

Next.js, Claude API, AST Parsing, OWASP Rules, Tailwind CSS
Quality Dimensions: 12

Avg Issues Found: 47

Scan Time: < 10 min

(How We Built It)
01

Challenge

AI-assisted coding tools like Copilot and ChatGPT let teams ship fast, but speed creates blind spots. Nobody reviews the SQL injection that Copilot wrote or the auth bypass in AI-generated middleware. Vibe-coded projects accumulate technical debt and security vulnerabilities that nobody knows exist until production breaks.

02

Approach

Built a tool that ingests an entire codebase, parses it through AST analysis and pattern matching, and scores it across 12 quality dimensions — OWASP Top 10 security vulnerabilities, dead code, unused dependencies, performance bottlenecks, accessibility gaps, and SEO misconfigurations. Reports are generated in plain English with severity ratings, exact file paths, and prioritized fix recommendations.

03

Results

Average first-time scan catches 47 critical issues per project. 11 of those are typically security vulnerabilities that could expose user data. Clients fix the highest-severity items first and use the scored report as a development roadmap. The tool pays for itself by catching one vulnerability that would have become an incident.


The full story behind Vibe Code Analyzer.

(Case Study)
01

Why vibe-coded projects need auditing

AI-assisted coding changed the economics of software development. Features that took a week now take hours. Entire applications get scaffolded in an afternoon. Junior developers ship production code on their first day.

But the speed creates a new category of risk. Copilot does not flag the SQL injection it just wrote. ChatGPT does not notice the auth bypass in the middleware it generated. And the developer who vibe-coded the entire checkout flow does not know what they do not know.

The result is codebases that look complete and functional but contain silent vulnerabilities, dead logic paths, unused dependencies inflating the attack surface, and performance bottlenecks hidden behind fast hardware. These issues compound. A security vulnerability that costs five hundred dollars to fix today costs fifty thousand after a data breach.

The Vibe Code Analyzer exists because the audit step was missing from the AI-assisted development workflow. The tools that generate code do not evaluate code. Someone has to. This tool does it automatically, in under ten minutes, for the cost of a coffee.

02

Twelve dimensions, one scored report

The tool scans across twelve quality dimensions. Security vulnerabilities are mapped to the OWASP Top 10: injection risks, broken authentication, sensitive data exposure, XML external entities, broken access control. Dead code detection identifies functions, components, and entire files that are imported but never called. Dependency analysis flags outdated packages with known CVEs and unused dependencies that inflate bundle size and attack surface.

Performance scoring measures bundle size, render-blocking resources, and client-side computation costs. Accessibility audit checks WCAG compliance — missing alt text, improper heading hierarchy, inadequate colour contrast, keyboard navigation gaps. SEO analysis validates meta tags, structured data, canonical URLs, and crawlability.

Each dimension produces a severity-scored finding with the exact file path, line number, and a plain-English explanation of what is wrong and why it matters. No jargon. No four-hundred-page PDF. The report is structured as a prioritized action list: fix the red items first, address the yellow items next, and track the green items for ongoing improvement.

The scoring system produces an overall codebase health score from 0 to 100. Most vibe-coded projects score between 35 and 55 on their first scan. After addressing the critical findings, scores typically jump to 75-85 — which is where a professionally maintained codebase should sit.
