AI vulnerability modules with clear exploit & fix guidance

Leaked API credentials in client bundles, logs, source maps, and misconfigured environment variables.

Tables without restrictive Row Level Security policies allow unauthorized reads and writes.

Untrusted input manipulates model behavior, triggering unauthorized actions or data disclosure.

Endpoints trust client IDs without server-side ownership checks, enabling account data access.

LLM-invented package names are hijacked by attackers for supply-chain compromise.