{"id":50557232,"url":"https://github.com/simranshaikh20/vibesafe","last_synced_at":"2026-06-04T08:02:34.464Z","repository":{"id":358237775,"uuid":"1240397318","full_name":"SimranShaikh20/VibeSafe","owner":"SimranShaikh20","description":null,"archived":false,"fork":false,"pushed_at":"2026-05-16T10:50:42.000Z","size":201,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-16T12:41:07.659Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://vibe-safe-flax.vercel.app","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SimranShaikh20.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-16T04:57:37.000Z","updated_at":"2026-05-16T10:53:00.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/SimranShaikh20/VibeSafe","commit_stats":null,"previous_names":["simranshaikh20/vibesafe"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/SimranShaikh20/VibeSafe","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimranShaikh20%2FVibeSafe","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimranShaikh20%2FVibeSafe/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimranShaikh20%2FVibeSafe/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimranShaikh20%2FVibeSafe/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SimranShaikh20","download_url":"https://codeload.github.com/SimranShaikh20/VibeSafe/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimranShaikh20%2FVibeSafe/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33895175,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-04T02:00:06.755Z","response_time":64,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-06-04T08:02:33.621Z","updated_at":"2026-06-04T08:02:34.447Z","avatar_url":"https://github.com/SimranShaikh20.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# VibeSafe 🛡️\n\n\u003e **You built it. Can you prove it's yours?**\n\nVibeSafe is a privacy-first AI code auditor that analyzes your project and generates a **Proof of Authorship certificate** — identifying your human architectural decisions versus AI-assisted patterns. Powered by **Gemma 4 31B** running via OpenRouter's free tier.\n\n---\n\n## 🧠 What It Does\n\nDrop your project files into VibeSafe and get a structured report across four dimensions:\n\n| Report Section | What You Get |\n|---|---|\n| 🔑 **Proof of Authorship** | Your human design decisions vs AI-generated patterns, with an originality score |\n| 🔐 **Security Audit** | Vulnerabilities, exposed secrets, injection risks with specific fixes |\n| 🧠 **Logic Analysis** | Edge cases, dead code, race conditions, code quality score |\n| 📖 **Plain English** | What your code actually does, explained simply |\n\nAt the end, download a **signed Proof of Authorship certificate** — a plain-text document listing every architectural decision that proves the project is genuinely yours.\n\n---\n\n## 🎯 Why This Exists\n\nThe software industry has shifted. AI-assisted development is now standard practice — but that creates a real problem: **how do you prove what you actually built?**\n\nWhen submitting to a hackathon, applying for a job, or open-sourcing a project, reviewers increasingly ask: *\"Did you write this, or did an AI?\"*\n\nVibeSafe answers that question — not by detecting AI, but by **surfacing your human decisions**: the architecture choices, the product instincts, the specific tradeoffs only you would have made.\n\n---\n\n## ⚙️ How It Works\n\n```\nUser uploads code files\n        ↓\nVibeSafe reads all files and concatenates them\n        ↓\nEntire codebase sent as single prompt to Gemma 4 31B\n(262K context window — no chunking needed for most projects)\n        ↓\nGemma 4 returns structured JSON analysis\n        ↓\n4-section report rendered in the dashboard\n        ↓\nUser downloads Proof of Authorship certificate (.txt)\n```\n\n### Why Gemma 4 31B?\n\n- **262K context window** — your entire codebase fits in one prompt. No chunking, no lost context, no missed connections between files.\n- **Real Gemma 4** — not a distilled or quantized version. Full model capability for nuanced authorship reasoning.\n- **Free via OpenRouter** — zero cost, no credit card, just an API key from openrouter.ai\n- **Strong code understanding** — Gemma 4 31B ranks highly on coding and reasoning benchmarks, making it well-suited for security analysis and architectural pattern recognition.\n\n---\n\n## 🚀 Getting Started\n\n### Prerequisites\n\n- A free OpenRouter API key from [openrouter.ai/keys](https://openrouter.ai/keys)\n- No installation required — VibeSafe runs entirely in the browser\n\n### Usage\n\n1. Go to the VibeSafe web app\n2. Paste your OpenRouter API key into the key input field\n3. Upload your project files (drag and drop, multiple files supported) — or paste code directly\n4. Click **ANALYZE WITH GEMMA 4**\n5. Wait 30–90 seconds while Gemma 4 reasons through your codebase\n6. View your full report across all four sections\n7. Click **DOWNLOAD PROOF OF AUTHORSHIP CERTIFICATE** to save your `.txt` certificate\n\n### Supported File Types\n\n`.py` `.js` `.jsx` `.ts` `.tsx` `.html` `.css` `.json` `.yaml` `.yml` `.sh` `.go` `.rs` `.java` `.php` `.rb` `.sql` `.vue` `.svelte` `.prisma` `.toml` `.env` `.graphql`\n\n---\n\n## 🔐 Privacy\n\n**Your code never leaves your browser session in any persistent way.**\n\n- VibeSafe makes a direct API call from your browser to OpenRouter\n- No backend server stores your files\n- No database logs your code\n- Your API key is stored in React state only — never in localStorage, never sent anywhere except OpenRouter\n- Each session is stateless — closing the tab clears everything\n\n---\n\n## 📋 Proof of Authorship Certificate\n\nThe exported certificate looks like this:\n\n```\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n         VIBESAFE — PROOF OF AUTHORSHIP\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\nGenerated: 2026-05-16T10:32:11.000Z\nAnalyzed by: Gemma 4 31B via OpenRouter\nFiles: app.py, utils.py, config.py\n\nHUMAN CONTRIBUTION SCORE: 78/100\n\nWHAT THIS PROJECT DOES\nA REST API for managing todo items with user authentication,\nSQLite persistence, and a search endpoint.\n\nHUMAN ARCHITECTURAL DECISIONS\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n1. Decision to separate database connection into get_db()\n   Evidence: Explicit factory function pattern in app.py line 12\n\n2. Choice to use MD5 → SHA256 migration path in auth\n   Evidence: dual-hash verification in login() function\n\n3. Stateless token design using user ID\n   Evidence: /login returns raw user ID as token, deliberate tradeoff\n\nAI-ASSISTED PATTERNS DETECTED\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n1. Boilerplate Flask route scaffolding\n   Location: All @app.route decorators follow identical pattern\n\n2. Generic error handling structure\n   Location: try/except blocks in upload handlers\n\nSECURITY STATUS: HIGH\nCODE QUALITY: 72/100\nVIBE SCORE: 68/100\n\nVERDICT: Solid architecture with critical SQL injection issues\nthat need fixing before any production deployment.\n\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\nThis certificate was generated by VibeSafe\nPowered by Gemma 4 · Built for the vibe coding era\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n```\n\n---\n\n## 🗂️ Project Structure\n\n```\nvibesafe/\n├── src/\n│   ├── App.jsx                  ← Main app with view state management\n│   ├── index.css                ← Global styles, scanline animation\n│   └── components/\n│       ├── Header.jsx           ← Top bar with branding\n│       ├── CodeUploader.jsx     ← File drag-drop + paste tabs + API key input\n│       ├── LoadingAnalysis.jsx  ← Animated terminal loading screen\n│       ├── ReportDashboard.jsx  ← 4-card report layout\n│       ├── AuthorshipCard.jsx   ← Hero card + certificate export\n│       ├── SecurityCard.jsx     ← Expandable vulnerability list\n│       ├── LogicCard.jsx        ← Quality score + logic issues\n│       └── PlainEnglishCard.jsx ← Plain language explanation\n├── index.html\n├── vite.config.js\n├── tailwind.config.js\n└── package.json\n```\n\n---\n\n## 🛠️ Tech Stack\n\n| Layer | Technology |\n|---|---|\n| Frontend | React 18 + Vite |\n| Styling | Tailwind CSS + custom CSS |\n| Animations | Framer Motion |\n| File handling | react-dropzone |\n| AI Model | Gemma 4 31B (`google/gemma-4-31b-it:free`) |\n| AI Provider | OpenRouter (free tier) |\n| Context window | 262,144 tokens |\n| Deployment | Lovable / Vercel / Netlify |\n\n---\n\n## 🔬 Model Selection Rationale\n\nVibeSafe specifically uses **Gemma 4 31B** for these reasons:\n\n**Why not a smaller Gemma 4 model (4B, 2B)?**\nToo small for nuanced security pattern recognition and multi-file architectural reasoning. Small models miss cross-file dependencies that are critical for authorship analysis.\n\n**Why not a different provider or model?**\nGemma 4 31B offers 262K context — the entire project in one shot. Competing models with similar context windows either require payment or don't perform as well on structured JSON output for code analysis tasks.\n\n**Why the full 31B dense model over the 26B MoE?**\nFor security analysis, consistent reasoning quality matters more than inference speed. The 31B dense model activates all parameters for every token, producing more reliable and thorough vulnerability detection.\n\n---\n\n\n## 📄 License\n\nMIT License — see [LICENSE](LICENSE) for details.\n\n---\n\n## 🙌 Contributing\n\nPull requests welcome. For major changes, open an issue first to discuss what you'd like to change.\n\n1. Fork the repo\n2. Create your feature branch (`git checkout -b feature/amazing-feature`)\n3. Commit your changes (`git commit -m 'Add amazing feature'`)\n4. Push to the branch (`git push origin feature/amazing-feature`)\n5. Open a Pull Request\n\n---\n\n## 📬 Contact\n\nBuilt by **Simran Shaikh** — [@SimranShaikh20](https://github.com/SimranShaikh20)\n\n---\n\n*VibeSafe · Built for the vibe coding era · Powered by Gemma 4*","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimranshaikh20%2Fvibesafe","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimranshaikh20%2Fvibesafe","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimranshaikh20%2Fvibesafe/lists"}