Login and accounts
Sign-in surfaces and who can see what. Hard stop only if private data looks wide open.
Seatbelt
Engineer rails so you ship fast and safely. So you don't feel scared of stopping or sharing what the agent built. Seatbelt runs a Ship Read in about a minute. Fix lands in your agent. Free during early access.
Check. Fix. Again. Cleared to share. About a minute. Free during early access.
Agent changed the build. Seatbelt is ready to check.
Check, fix, again, cleared. Six surfaces every pass. Step through. Play is optional.
Seatbelt is a Ship Read for AI built apps with real risk. It is not a static site checker or a pentest.
Your app has login, takes money, holds customer data, or leaves risky admin shortcuts. You want eyes open before real users show up.
You only shipped plain HTML or a static site. You're probably fine. Run Seatbelt when the product does real things.
Why CEOs care: An independent check you can share so engineering knows you didn't skip a look. Secondary to shipping fast.
Stay in the loop. Hand Seatbelt the build, get a Ship Read, Fix back in the same agent. Run it again each time you're about to ship.
Project folder or ZIP export. Not the agent's "we're done" story. Preview URL and git come next.
About a minute on the scary surface areas. Plain English. Share link after every check.
One tap sends the fix to Cursor, Claude, or whatever you use. Then run again until you hear cleared to share.
Four commands. Check, fix, again, report. The agent offers a buckle after risky edits. You hear a one line verdict, up to three flags, then the next move. Fix ends with again until you are cleared to share.
Loop
/seatbelt
seatbelt
Run a Ship Read on the project you just built. One line verdict, up to three flags, one next move.
MCP · seatbelt_scan · Alias: /seatbelt check · am I clear to share?
Not silent on every message. You ask when you are about to ship, or the agent nudges after risky edits.
Paste this into agent rules on ChatGPT.com or other hosts without MCP. On Cursor or Claude, prefer MCP when it is live. This is the fallback.
Before you claim the app is done or ready to ship: 1. If Seatbelt MCP is configured: call seatbelt_scan on the project folder or ZIP export. 2. If MCP is not available: ask me for the export and run https://withseatbelt.com once. Do not treat your own summary as the report. 3. Reply with one line verdict, up to three flags, one next move. 4. For each flag with a fix prompt, apply it in this chat, then run again until I am cleared to share, or accept the risk.
Scary surfaces on AI built apps, read as one system. Seatbelt skims structure clues on the folder or ZIP you share, then sends Fix into your agent.
Login and accounts
Sign-in surfaces and who can see what. Hard stop only if private data looks wide open.
Payments and money
Checkout, Stripe shaped pieces, webhooks. Soft fix so you verify before real charges.
Secrets and keys
API keys and env looking names in the build. Public leaks get a hard gate.
Customer data
Orders, profiles, emails, uploads. Soft note so you know the app holds people.
Databases
ORM config, raw SQL concat, DB URLs in client, SQLite in public, open DB admin UIs. Structure clues only, not live probing.
Risky shortcuts
Open admin, debug leftovers, delete everything routes. Hard stop when destructive.
Honest scope: Structure and clues on the folder or ZIP you share. Not a pentest. Not hacking production. Built for apps with login, money, or customer data, not plain HTML or static marketing sites.
Share a report link after every check
You earn Verified by Seatbelt only after a real scan on an app with substance. Plain marketing pages that find almost nothing do not get a badge. It links to your report, not a sticker.
Seatbelt does not hack your database or pretend to be a pentest. It reads the build you share, the way a careful friend would skim it.
A sixty second map so you keep shipping, not a vuln scoreboard or another CodeRabbit.
Start with Get started: install from the monorepo, run /seatbelt init for an optional .seatbelt/ latch, then /seatbelt for a Ship Read. Early access also has a browser path. Prefer MCP in Cursor for the daily loop. No MCP? One web scan, then paste fixes back. Optional fallback rule: Include Seatbelt.
The scary surface areas on AI built apps: accounts, money, secrets, customer data, databases, and risky shortcuts. You hand it a project folder or ZIP. It skims that build. It does not hack production or read customer private data. See What the buckle watches.
ChatGPT (and your coding agent) will summarize what they think they built. Seatbelt reads the real project folder or ZIP you share, then gives you a shareable report and a Fix in agent path. Independent of the agent's "we're done" story. Stay in the loop and run it again before each ship.
Probably not yet. If it only markets and does not hold real risk, you're usually fine. Seatbelt shines when the app does real things. If a scan finds almost nothing, we say so honestly. Run again when the product logs people in, takes money, or stores customer data.
About a minute, then back to shipping. There is no review queue. Scans are ephemeral; we don't keep your source. Free during early access.
Free while we build. Hand Seatbelt a folder or ZIP. About a minute of clarity in the build loop. Then keep shipping.