// docs / overview
FixVibe docs
Everything that ships with FixVibe โ the REST API, the MCP server for Claude / Cursor, scan types and modes, domains and scheduling, live threat detection, AI fix prompts, and the per-tier limits that gate them. Pick a starting point below.
Getting started
Quickstart
Sign up, run your first scan, read the report.
Scan types
Passive vs active probes, the verified-domain attestation flow, and GitHub repo scans.
Domains
Verify a domain, schedule periodic re-scans, enable live threat monitoring.
AI fix prompts
Copy coding-agent prompts where code/config changes apply, and operator steps for DNS, provider, secret-rotation, and review findings.
Reference
REST API
POST /api/v1/scans, GET findings, cursor pagination, error shapes.
MCP server
Wire FixVibe into Claude Desktop / Cursor / Continue via Model Context Protocol.
Quotas & limits
Per-tier scan caps, API rate limits, retention, and rate-limit response headers.
Webhooks
Outbound webhooks โ endpoint setup, event payloads, signing, and retries.
Security guides
In-depth guides for securing apps built with Cursor, Claude Code, Lovable, Bolt, v0, and Windsurf โ DAST primer, pre-ship checklist, step-by-step hardening, and more.
BaaS security
Targeted articles on Supabase, Firebase, Clerk, and Auth0 misconfigurations โ RLS gaps, exposed service keys, open storage buckets, and the scanner workflow that catches them before users do.
