Expert insights on AI-powered coding security, vibe-based development practices, and protecting AI-generated web applications from vulnerabilities.

· · 2 min read

How Vibe-Eval's AI Agents Found an Auth Bypass in a Replit Agent App in 47 Seconds

Replit VibeEval auth case study security
How Vibe-Eval's AI Agents Found an Auth Bypass in a Replit Agent App in 47 Seconds

The Setup

  • Replit Agent generated a CRUD app with multi-tenant orgs and role-based dashboards.
  • Staging had seeded accounts: admin@acme and viewer@acme.
  • Vibe-Eval ran the “Auth Gauntlet” profile: token reuse, role switching, deep link access, and expired sessions.

The Timeline (00:47 total)

  1. 00:11 — Agent logs in as admin, captures cookies/localStorage.
  2. 00:18 — Switches to viewer account, keeps old admin token in memory.
  3. 00:27 — Replays admin token against viewer session; backend accepts it due to missing org scope check.
  4. 00:41 — Hits /orgs/other-org/reports via deep link; data returns 200.
  5. 00:47 — Report generated with evidence: HAR, screenshots, and cURL snippet.

Root Cause

  • JWT contained org_id but backend trusted client-supplied org_id parameter.
  • No middleware enforcing session org; UI blocked the link but API didn’t.

The Fix

  • Enforce server-side org scoping: derive org_id from session/JWT, ignore user-supplied org params.
  • Add requireRole('admin') middleware on reports/export routes.
  • Invalidate all tokens on org switch; clear storage on logout.

Retest Results

  • Re-run of Vibe-Eval profile returned 403s for cross-org attempts.
  • Deep links now redirect to org picker; HAR evidence shows denied access.

Takeaways for Replit Agent Users

  • Always pair generated role UIs with backend enforcement.
  • Add Vibe-Eval to preview deployments and keep a fixture set for multi-tenant flows.
  • Treat deep links as first-class test cases; that’s where bypasses hide.

Key Takeaways

Key Takeaways

  • 47 seconds to discover a critical multi-tenant auth bypass in AI-generated code
  • Backend trust is essential - never rely on client-supplied organization IDs or parameters
  • JWT validation alone isn’t enough - must enforce org scoping at the middleware level
  • Deep links are attack vectors - they bypass UI protections and hit APIs directly
  • Automated testing catches what code review misses - security agents find real-world attack patterns
  • Multi-tenant apps need fixture data - test with multiple orgs and roles from day one
  • Retest after fixes - verify that patches actually block the attack before deploying

Security runs on data.
Make it work for you.

Effortlessly test and evaluate web application security using Vibe Eval agents.

GET STARTED GET A DEMO