npx vibecheck-audit https://yourapp.com

Audit from the terminal.
One command.

No browser. No account. No setup. Paste a URL and get a full pre-launch report directly in your terminal.

View on npm →See all commands ↓

What the output looks like

Color-coded by severity. Evidence for every failure. Direct fix suggestions. Full report link at the bottom.

zsh — terminal

npx vibecheck-audit https://podbright.ai

Starting audit for https://podbright.ai …

Running checks … 61s elapsed

 

────────────────────────────────────────────────────

VibeCheck — https://podbright.ai/

────────────────────────────────────────────────────

Score: 98/100 — Ship it

Checks: 153 run ✓ 75 passed ✗ 2 failed ⚠ 33 warned – 43 skipped

────────────────────────────────────────────────────

 

HIGH (1)

 

[sec-001] Content-Security-Policy header missing

Found: Content-Security-Policy header missing

Fix: Add a CSP header to prevent XSS. Start with a restrictive policy and loosen as needed.

 

MEDIUM (1)

 

[seo-003] Missing Open Graph image

Found: No og:image meta tag found

Fix: Add <meta property="og:image" content="https://..."> with a 1200×630px image.

 

WARNINGS (33)

 

[api-002] CORS wildcard header present

Found: CORS wildcard detected in network requests

 

[api-004] No rate limiting headers on API responses

Found: No rate-limit headers detected on API responses

 

[auth-010] Protected routes accessible via direct URL

Found: /settings returned 200 without apparent auth check

… 30 more warnings in full report

 

PASSED (75 checks)

auth-001 auth-002 seo-001 seo-002 mob-001 mob-002 perf-001 sec-002 …

 

────────────────────────────────────────────────────

Full report: https://vibecheck.builtthisweekend.com/audit/clx…

────────────────────────────────────────────────────

 

Commands

No install required. npx downloads and runs the latest version every time.

Full audit
npx vibecheck-audit https://yourapp.com

Runs all checks, returns Vibe Score + prioritized issue list.

Single category
npx vibecheck-audit https://yourapp.com --category security

Runs only one category. Faster — about 90 seconds.

CI gate
npx vibecheck-audit https://yourapp.com --fail-below 70

Exits with code 1 if score drops below threshold. Blocks the pipeline.

JSON output
npx vibecheck-audit https://yourapp.com --format json | jq '.score'

Raw JSON for scripting, logging, or piping into other tools.

All flags

FlagValuesDescription
--categoryauth, security, ai, payments, seo, legal, content, frontend, mobile, performance, database, api, production, observability, launchRun only one category
--fail-below0–100Exit with code 1 if Vibe Score is below this number
--formattext (default), jsonOutput format
--helpShow help
--versionShow version

Four ways to use VibeCheck

All four run the same checks. Pick whichever fits your workflow.

🌐

Web

Paste a URL in the browser. Instant results, no setup.

⚙️

GitHub Action

Gate every PR. Fails the build if critical issues are found.

🤖

MCP

Claude Desktop, Cursor, Claude Code. Audit without leaving your AI.

you are here
💻

CLI

npx vibecheck-audit. Terminal output. Pipe to JSON. Use in any script.

One command. Full audit. No account.

Works on any publicly reachable URL. Results in under 5 minutes.

npx vibecheck-audit https://yourapp.com
Or run a free audit in the browser →