Auth
Provider, session storage, MFA, token leakage, password reset surface area.
System
Three named systems I run on every engagement. The 6-axis fragility model audits any prototype in 5 minutes. The 3-week Rescue hardens it. The 6-week MVP builds the real thing. Same principles, three depths.
01 / Audit
Every AI-built prototype I audit gets graded on the same six axes. They catch ~80% of what breaks a prototype in production. The free 5-minute Loom audit uses this same model.
Provider, session storage, MFA, token leakage, password reset surface area.
API exposure, hardcoded keys, anonymous read access, secrets in client bundles.
HTTPS, security headers, common path enumeration, mixed content, OWASP basics.
Critical-path coverage, source maps shipped, console errors, broken-link rate.
CDN, compression, cache headers, custom domain, rollback path.
Error tracking, analytics, health endpoints, alert routing.
The week-by-week plans live on the offer pages.
02 / Apply
Start with the free 5-minute Loom audit (no call, no pitch). Or book a 30-min call to scope the rescue or MVP.