Spent the weekend scanning 100 public apps built with AI tools (Lovable, Bolt, v0).
โ
โ 68% are leaking something.
โ 1 in 4 have their database wide open to anyone who opens devtools.
โ
โ Writing up what I found + a free way to check your own. Soon. ๐ก๏ธ
@Joi2James LeakTrap โ a free CLI that catches the ways AI-built apps leak (exposed keys, open databases, missing auth) before you ship. npx leaktrap ๐ก๏ธ @leaktrapdev
This is solid for chat users. Running Claude Code, the math is different.
In agentic loops, tool results are the killer โ bash output, file reads, API responses accumulate as input every step. Same blowup, different source.
The whole list collapses to: CLAUDE.md + sandboxed tool outputs + subagents.
Also: Claude Code bills on tokens, not rolling windows. Tips 8+9 don't apply.
2/ Near-resolution regime โ at 90ยข+, OU breaks. Spread gaps to terminal instead of reverting. Need a regime switch or you're fading moves you shouldn't.Polymarket's on-chain settlement also creates latency asymmetry the Kalshi leg doesn't share.Delta-neutral in the math. Delta-lagged in execution.
@LememeJames I found a stash like that in dollar general once. The music is on point. I wanted to go grab an inflatable raft, lay back, and open them down the center aisle.
@itsbarone@greg16676935420 You found the only wrong answer. You can argue purpose, time (certainly none of yours), or money, but not all three together.