DEV Community

Manu Jawahar


I built an application to stop YOU from blindly pasting AI slop into your project.

AI agents are making us incredibly fast, but they're also making it dangerously easy to ship insecure code.

Students and junior devs blindly follow code suggestions from Copilot and ChatGPT, not even once thinking about the structural integrity of the code. Those suggestions may or may not contain SQL injections, exposed API keys, and severe architectural flaws.

We don't need AI to stop writing code for us. We need better tools to understand and verify what the AI wrote before it hits production.

So, I built Soteria.

What is it?

Soteria is an AI-powered code security platform built specifically for students and early-career developers. Think of it as an educational firewall. It doesn't just highlight vulnerabilities; it helps you build a mental model for secure coding.

Key Features:

  • Built to recognize 50+ languages, Soteria instantly detects injection flaws, XSS, and dozens of other vulnerability patterns.

  • Not aware of the problem at hand? No problem: every bug/vulnerability has a beginner-friendly, plain-English explanation of why the code is dangerous and exactly how to fix it.

  • The better your security habits get, the more XP you earn for every scan. You level up your rank (from Novice to Architect) and build your security intuition over time.

We leverage the Gemini 2.5 Pro API for deep contextual analysis of code snippets. Instead of just running static regex checks, Soteria passes the code context to Gemini, which acts as the "Neural Engine" to explain why something is vulnerable and provide exact, context-aware remediation steps.

We also included a structured architecture with specialized engines (like the KnowledgeGraph and NeuralEngine) to parse API responses, structure the vulnerability data, and ensure the explanations are accurate and beginner-friendly.

Why I built this

The gap between "it works" and "it's secure" is massive. I wanted to create a tool that catches developers right at the moment of integration.

If we can teach developers to recognize a vulnerable pattern specifically when they are about to commit it, the amount of money and time saved is astronomical!

But for all this to happen, I need YOUR guys' help‼️

Sometimes developers overlook things in their own code (bugs, or features that could be a game-changer), and that's where users come in 👀.

SO GO TRY IT: trysoteria.live

Leave a comment down below or connect with me on LinkedIn

Top comments (1)

Manu Jawahar

What do you guys have in mind for the next release??