Simple security for vibecoders.

Dome watches your packages, prepares the fix, and helps rotate exposed keys before you ship.

Built for the stack you ship with

GitHub, Vercel, Next.js, Supabase, Clerk, Stripe

AI accelerated everything

AI made shipping instant.

Security didn’t.

How it works

Detect. Fix. Rotate.

01 Detect

Every package, watched continuously.

react@19.1.0 ok
next@15.3.2 ok
lodash@4.17.21 ok
axios@1.14.1 malicious

02 Fix

The fix, ready to review.

package.json: 1 file changed, +1 -1
-"axios": "^1.14.0"
+"axios": "1.13.2"
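
Review bot: the added line pins `axios` to the exact version `1.13.2` where the removed line used a caret range (`^1.14.0`), and the header shows only `package.json` in the change. The lockfile should be regenerated and committed in the same PR so the manifest and lockfile agree, and the PR description should state whether dropping the caret range is meant to be permanent or only until a clean release is available.
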
03 Rotate

Exposed keys, guided to rotation.

Vercel

VERCEL_TOKEN

Supabase

SUPABASE_KEY

Stripe

STRIPE_SECRET

GitHub

GITHUB_TOKEN

What Dome finds

Exposed secrets
Malicious packages
Vulnerable dependencies
Missing auth guards
Unsafe API routes
Risky CI workflows

Built on trust

Read-only by default

Read access to scan. Write access only when you enable fix PRs. Every permission is yours to control.

Your code stays yours

Source code is never stored. Scans run in your CI environment. Findings reference lines, not files.

You approve. Dome handles the work.

Dome opens the fix PR, waits for checks, and merges it when your policy passes.

Least privilege access

Minimal GitHub App scopes. No unnecessary permissions. Revoke access at any time.

Questions

Get early access to Dome