Are AI App Builders Secure? We Put Three Leaders to the Test.
We asked Lovable, Base44, and Bolt to build a simple app. What we found reveals a critical gap between the platforms' promise to democratize software development - and the security they actually deliver.
The Billion-Dollar Promise
AI app builders are the industry’s hottest trend, backed by massive funding and a bold promise: anyone can build production apps in minutes – no coding required.
But when platforms market themselves to non-technical users and promise to “handle the technical implementation securely” – do they deliver?
We tested three leading platforms to find out.
What We Discovered
All three platforms failed our basic security test
A simple prompt revealed fundamental flaws in how these tools generate code
Built-in security features aren’t enough
Detection was inconsistent, incomplete, or missing entirely
Even adding the ask for a ‘secure’ app didn’t solve the problem
Non-technical users – the target audience – face an impossible challenge
There’s an accountability gap
When AI generates vulnerable code, who’s responsible?
Get the Full Story
Download the complete research for:
- Our testing methodology across all three platforms
- How each platform’s security features performed
- The accountability question: where does responsibility lie?
- Critical recommendations for technical and non-technical users