Secure Vibe Coding with AI Agents

Vibes and More

Recently eslint-config-prettier, an npm package with more than 30 million weekly downloads was compromised. We wrote about it in our earlier blog eslint-prettier-config: Major Supply Chain Attack on npm. But the fact remains, npm like other public open source package registries, is a source of supply chain attack through malicious open source packages published in these registries. AI IDEs and coding agents are likely to accelerate the risk of malicious packages in the software supply chain.

We built SafeDep vet to protect software development teams against malicious packages in CI/CD. But this is not enough when it comes to AI coding agents like OpenAI Codex, Claude Code and AI IDEs like Cursor, Windsurf and others. Lets see with an example.

Vibing like a pro

Consider you are in the vibe of building the world’s best cli tool with an outstanding DevEx. You start with a boilerplate Typescript project that contains only a few dependencies like tsc.

1
➜ pnpm ls --depth 100 --parseable | wc -l
2
    8

You love Claude Code and you start with a prompt like this:

1
Set the foundation for building a multi-command cli tool with
2
the best developer experience for cli with interactive,
3
progress bars and other eye candies

Claude Code vibes along with you and comes up with a plan.

The plan starts with installing a bunch of 3rd party npm libraries. You are in vibe mode and go ahead with installing the 8 libraries that Claude Code suggested.

After this step, you suddenly realize the number of 3rd party dependencies, code from open source, have increased to a staggering 165. You are not sure what these libraries do, but you trust Claude Code to have suggested the best libraries for your cli tool.

1
➜ pnpm ls --depth 100 --parseable | wc -l
2
    165

You are an advanced vet user and you run a quick vet scan to check for potentially unpopular packages.

1
➜  vet --no-banner scan -M pnpm-lock.yaml \
2
    --insights-v2 --report-summary=false \
3
    --filter 'projects.exists(p, p.stars < 50)'
4

5
┌──────────────────────────┬─────────┐
6
│ PACKAGE                  │ VERSION │
7
├──────────────────────────┼─────────┤
8
│ proto-list               │ 1.2.4   │
9
│ util-deprecate           │ 1.0.2   │
10
│ widest-line              │ 4.0.1   │
11
│ os-tmpdir                │ 1.0.2   │
12
│ @pnpm/config.env-replace │ 1.1.0   │
13
│ stubborn-fs              │ 1.2.5   │
14
│ run-async                │ 3.0.0   │
15
│ is-path-inside           │ 4.0.0   │
16
│ @pnpm/network.ca-file    │ 1.0.2   │
17
│ @pnpm/npm-conf           │ 2.3.1   │
18
│ ansi-align               │ 3.0.1   │
19
│ restore-cursor           │ 3.1.0   │
20
│ get-east-asian-width     │ 1.3.0   │
21
│ is-fullwidth-code-point  │ 3.0.0   │
22
│ stdin-discarder          │ 0.2.2   │
23
│ is-in-ci                 │ 1.0.0   │
24
│ cli-width                │ 4.1.0   │
25
│ external-editor          │ 3.1.0   │
26
│ string_decoder           │ 1.3.0   │
27
│ when-exit                │ 2.1.4   │
28
└──────────────────────────┴─────────┘

You realize that you are not in control of the dependencies you are installing. You are in vibe mode and you are not thinking about the security implications of the dependencies you are installing. Many of the dependencies are not backed by even a modest community and has a similar threat profile as eslint-config-prettier. Then you hear about Slopsquatting and thats when it strikes you. The risk of getting hacked due to malicious code from open sources is real.

Adding a pinch of security

Thats where vet MCP Server comes in. We don’t want to get in the way of your vibe coding adventures but protect you from getting hacked while vibe coding. Lets do this.

Install vet with homebrew or learn more about other installation options.

1
brew install safedep/tap/vet

Add vet as an MCP server in Claude Code

1
➜  claude mcp add safedep-vet vet server mcp
2
Added stdio MCP server safedep-vet with command: vet server mcp to local config

Add the following to your CLAUDE.md file

1
Always use vet-mcp to check for vulnerabilities and malware
2
before installing any package.

Thats it! Lets take Claude Code and vet for a spin.

1
Install [email protected]

Note: pkg:npm/[email protected] is a known malicious package. Here we use it to test vet MCP server integration with Claude Code.

Claude Code now vets all open source packages using vet MCP server, protecting you from getting hacked due to malicious code from open sources.

No more getting pwned while vibe coding. You can continue your vibe coding adventures, albeit with a bit of security guardrails in place. vet MCP Server supports all AI IDEs and coding agents that supports MCP. Read the MCP Server Documentation for more details.

Conclusion

While vibe coding is fun, security risks are real. Specifically, ensure that

1. Generated code is reviewed before use in production
2. Security vulnerabilities in generated code are fixed before use in production
3. Open source packages are vetted before installation

Finally, if you are curious, this is how the cli looks like after our vibe coding session.