Axios: AI vibe-coding apps leak sensitive data
Axios: AI vibe-coding apps leak sensitive data The app model requires users to trust the software with their data. That the creator isn't malicious… or naive. That is no longer a good assumption i...
21 chunks · 20 episodes
...hat's not a good assumption for people vibecoding little apps that operate over sensitive data. Every non-toy vibecoded mini app that's useful almost by definition maintains sensitive state.
...Workday. But it makes it easy for HR to create compliant workflows on extremely sensitive data without needing to work with engineers. Kind of like when someone sees the boyfriend and says, "... What, is he funny or something?"
...er of them is the multiplication of "powerful" and "naive." LLMs with access to sensitive data are the most confusable deputies ever!
...ple say "I run MoltBot in a VM so it's safe." Yes, but then you put all of your sensitive data into it! It doesn't matter if it's in a VM if it has all of your data anyway. The idea of "let's let people run OpenClaw in a VM" is hilarious to me....
...ing a 339% year-over-year growth. The report also highlights a 152% increase in sensitive data leaks." "The report recorded a 540% surge in valid prompt injection reports" "13% of organisations experienced an AI-related security incident in 202...
...es in LLMs: RadWare: ShadowLeak: A Zero-Click, Service-Side Attack Exfiltrating Sensitive Data Using ChatGPT's Deep Research Agent. Ars Technica's summary Eito Miyamura: "We got ChatGPT to leak your private email data… …All you need? The victi...
The News Feed betrayal effect: the dissonance that happens where sensitive data users added in one context is now used in another context. This happened when Facebook enabled the News Feed for the first time. It didn't make any n...
...e, it will have to be antifragile; auto-isolating code that has been tainted by sensitive data.
...Origins should prefer not to have the data with all the downside risk of having sensitive data. There should be ways for creators of code to write arbitrary code that runs blindly. This would allow them to do useful things for users on sensitiv...
...hree of the legs of the iron triangle. Untrusted code - Creates open-endedness. Sensitive data - Can work on real and specific things, not just generic things. Network access - Can interact with the rest of the world, not just an island or dead...
...ier is context someone else maintains about you. It's about distilling the key, sensitive data to make sense of you to someone or something that doesn't know you. The word "dossier" implies something clandestine and nefarious, not aligned with ...
...e web? It would be overwhelming. The web doesn't do it because it doesn't allow sensitive data (only data the user trusted the origin to have access to). The origin might trust more third parties than the user realizes, but technically users ar...
A friend told me: "vibe coding on your sensitive data has SHARP edges" Vibe coding is great fun, but if you do it on sensitive data, you can very quickly get yourself into trouble.
Untrusted code and sensitive data are explosive. Code is open-ended, it can do things. Data is about what's meaningful to you. Historically the combination has been explosive all in a...
...itten by other anonymous creators is untrusted. You can't run untrusted code on sensitive data. LLMs can write code. Now you just need a way to make running untrusted code on sensitive data safe.
...ts comes power. What if you could write little Vals that would run on your most sensitive data?
...ppens after that point. This makes it quite hard to trust any given origin with sensitive data, who knows what the origin might do with it? The more trust an incremental origin requires, the more the ecosystem will tend to stabilize on a small ...
...atives, and convinces people to give you–an app they just met–all of their most sensitive data. A very steep hill to climb. Also, a very scary one: most tinkerers don't want all of that radioactive data. But what if there were an open platform ...
...duling feature. One from a startup you've never met before who you have to give sensitive data to. And the other, a service that already has your calendar data. Which one do you pick? The latter, unless the former has an expected value an order...