Add VibeRaven production readiness gate rule#309
Conversation
📝 WalkthroughWalkthroughThis PR introduces VibeRaven production-readiness gate documentation. A new rule file defines a pre-launch verification workflow with iterative agent-loop steps, provider-dashboard tasks, and CLI utilities. The rule is indexed in README under Hosting and Deployments. ChangesVibeRaven Production-Readiness Gate Documentation
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~5 minutes Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@rules/viberaven-production-readiness-gate.mdc`:
- Around line 3-4: The frontmatter currently sets globs: **/* with alwaysApply:
false, which is ambiguous; either make the rule global by setting alwaysApply:
true or scope it by narrowing the globs to meaningful targets (e.g.,
deployment/config file patterns like **/*.{yml,yaml,json,env} or specific
production paths); update the frontmatter keys "globs" and "alwaysApply"
accordingly so the rule's intent is explicit and conforms to the hygiene check
contract.
- Around line 22-26: The rule in viberaven-production-readiness-gate.mdc
currently asserts VibeRaven will emit `.viberaven/agent-tasklist.md`,
`.viberaven/gate-result.json`, `.viberaven/context-map.json`,
`.viberaven/agent-summary.md`, and `.viberaven/launch-playbook.md`; verify
VibeRaven's actual output filenames/paths by checking its docs or running it
against a sample repo, then update the rule to reference the real output
locations (or remove the `.viberaven/*` expectations) so the entries in
viberaven-production-readiness-gate.mdc match the tool's documented/generated
artifacts.
- Around line 57-62: The "Useful Commands" snippet contains unverified CLI usage
(e.g., "npx -y viberaven next --json", "prompt --gap", "--heal --plan --gap",
"--strict", "audit --vercel-supabase"); run the published tool's help/docs (npx
viberaven --help or official docs) to confirm actual subcommands and flags, then
update the file rules/viberaven-production-readiness-gate.mdc to either replace
those lines with the exact, documented CLI invocations or remove the CLI block
if no CLI exists, ensuring any retained entries match the real command names and
flags shown by viberaven --help.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 320cc22e-24fa-4190-891e-39b68f15cb20
📒 Files selected for processing (2)
README.mdrules/viberaven-production-readiness-gate.mdc
| globs: **/* | ||
| alwaysApply: false |
There was a problem hiding this comment.
Clarify rule scoping: globs: **/* with alwaysApply: false is ambiguous.
The frontmatter declares globs: **/* (matching all files) combined with alwaysApply: false. This configuration is semantically unclear: if the rule should apply to all file types, use alwaysApply: true; if it should be scoped to specific contexts (e.g., deployment configs, infrastructure files), declare narrower globs like **/*.{yml,yaml,json,env} or production-related paths.
According to the hygiene check contract, scoped rules (alwaysApply: false) should use globs that meaningfully restrict which files trigger the rule.
♻️ Recommended fix: choose one approach
Option 1 (preferred if this rule should always apply):
---
description: "Production-readiness gate for AI-built apps using VibeRaven before launch, deploy, auth, billing, database, RLS, env vars, webhooks, monitoring, or tests."
-globs: **/*
-alwaysApply: false
+globs:
+alwaysApply: true
---Option 2 (if scoping to deployment/config files):
---
description: "Production-readiness gate for AI-built apps using VibeRaven before launch, deploy, auth, billing, database, RLS, env vars, webhooks, monitoring, or tests."
-globs: **/*
+globs: **/*.{yml,yaml,json,env,md}, **/Dockerfile, **/vercel.json, **/netlify.toml
alwaysApply: false
---📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| globs: **/* | |
| alwaysApply: false | |
| --- | |
| description: "Production-readiness gate for AI-built apps using VibeRaven before launch, deploy, auth, billing, database, RLS, env vars, webhooks, monitoring, or tests." | |
| globs: **/*.{yml,yaml,json,env,md}, **/Dockerfile, **/vercel.json, **/netlify.toml | |
| alwaysApply: false | |
| --- |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@rules/viberaven-production-readiness-gate.mdc` around lines 3 - 4, The
frontmatter currently sets globs: **/* with alwaysApply: false, which is
ambiguous; either make the rule global by setting alwaysApply: true or scope it
by narrowing the globs to meaningful targets (e.g., deployment/config file
patterns like **/*.{yml,yaml,json,env} or specific production paths); update the
frontmatter keys "globs" and "alwaysApply" accordingly so the rule's intent is
explicit and conforms to the hygiene check contract.
| - `.viberaven/agent-tasklist.md` | ||
| - `.viberaven/gate-result.json` | ||
| - `.viberaven/context-map.json` | ||
| - `.viberaven/agent-summary.md` | ||
| - `.viberaven/launch-playbook.md` |
There was a problem hiding this comment.
🧩 Analysis chain
🌐 Web query:
What files does the VibeRaven production-readiness tool generate in the .viberaven directory?
💡 Result:
VibeRaven is a tool designed for assessing the production readiness of AI-built applications [1][2]. While some related production-readiness tools, such as the open-source toolkit vibe-check, store assessment output in a.vibe-check directory (containing files like summary.md, report.md, action-plan.md, and metadata.json) [3], there is no evidence that VibeRaven uses or generates files in a directory named.viberaven. VibeRaven operates primarily as a VS Code and Cursor extension that scans repositories to detect infrastructure, stacks, and production risks [1][2]. If you are encountering a.viberaven directory in your project, it may be unrelated to the VibeRaven production-readiness extension, or it may be a custom configuration not documented in public technical sources as of June 2026. [4][1][5]
Citations:
- 1: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 2: https://forum.cursor.com/t/recall-open-mcp-memory-pattern-that-survives-across-cursor-sessions/160076
- 3: https://github.com/Hypership-Software/vibe-check
- 4: https://viberaven.dev/best-ai-app-production-readiness-tools
- 5: https://forum.cursor.com/t/extension-verification-viberaven/161665
Update VibeRaven output path expectations.
In rules/viberaven-production-readiness-gate.mdc (lines 22-26), the rule expects VibeRaven to generate files under .viberaven/ (agent-tasklist.md, gate-result.json, context-map.json, agent-summary.md, launch-playbook.md). Public references for VibeRaven don’t show it producing a .viberaven directory or these specific filenames. Confirm the actual VibeRaven output locations/filenames and update the rule accordingly.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@rules/viberaven-production-readiness-gate.mdc` around lines 22 - 26, The rule
in viberaven-production-readiness-gate.mdc currently asserts VibeRaven will emit
`.viberaven/agent-tasklist.md`, `.viberaven/gate-result.json`,
`.viberaven/context-map.json`, `.viberaven/agent-summary.md`, and
`.viberaven/launch-playbook.md`; verify VibeRaven's actual output
filenames/paths by checking its docs or running it against a sample repo, then
update the rule to reference the real output locations (or remove the
`.viberaven/*` expectations) so the entries in
viberaven-production-readiness-gate.mdc match the tool's documented/generated
artifacts.
| npx -y viberaven next --json | ||
| npx -y viberaven prompt --gap <gap-id> | ||
| npx -y viberaven --heal --plan --gap <gap-id> | ||
| npx -y viberaven --strict | ||
| npx -y viberaven audit --vercel-supabase | ||
| ``` |
There was a problem hiding this comment.
🧩 Analysis chain
🌐 Web query:
What are the available command-line flags and commands for the VibeRaven CLI tool?
💡 Result:
VibeRaven (often referred to as VibeRaven Station) is primarily an IDE extension designed for VS Code and Cursor [1][2][3]. It focuses on scanning repositories created by AI agents to identify launch gaps, map tech stacks, and provide actionable prompts for further development [1][4][5]. Based on current technical information, VibeRaven does not operate as a standalone command-line interface (CLI) tool. It is an extension that functions within an IDE environment [1][2][5]. Confusion regarding a "VibeRaven CLI" likely stems from a separate, similar-sounding tool called "vibe-hardening" (often invoked as vh), which is a command-line security scanner for AI-generated code [6]. The vh CLI tool includes the following commands and flags [6]: Commands: vh scan: The main command to perform a security scan, providing a 0-100 score and A-F grade [6]. vh explain : Prints detailed documentation for a specific security rule, including what it detects and how to fix it [6]. vh badge: Emits an SVG file that can be embedded in a project README to display the current security score [6]. CLI Flags for 'vh scan': --changed-only: Limits the scan to only files modified in the current git diff [6]. --verify --own: Attempts to verify detected API keys against provider APIs to confirm if they are active [6]. The --own flag restricts this probing to credentials explicitly claimed by the user [6]. --format <json|html>: Specifies the output format for the scan report [6]. --roast: Swaps professional feedback for dry one-liners [6]. --suggest-fix: Outputs text-based diffs for turning inline API keys into environment variables (e.g., process.env.X) along with an.env.example stub [6]. If you are looking for VibeRaven functionality, please access it through the VS Code or Cursor extension marketplace [1][7].
Citations:
- 1: https://forum.cursor.com/t/extension-verification-viberaven/161665
- 2: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 3: https://www.reddit.com/r/VibeCodersNest/comments/1t692t6/i_used_my_ai_product_to_launch_itself/
- 4: https://forum.cursor.com/t/recall-open-mcp-memory-pattern-that-survives-across-cursor-sessions/160076
- 5: https://www.facebook.com/groups/codingwithai/posts/968288065974585/
- 6: https://www.facebook.com/groups/2753636021674871/posts/2829679947403811/
- 7: https://marketplace.visualstudio.com/items/VibeRaven-Dev.viberaven/license
🏁 Script executed:
#!/bin/bash
set -euo pipefail
ls
echo "---- file context ----"
sed -n '1,120p' rules/viberaven-production-readiness-gate.mdc
echo "---- find viberaven usage ----"
rg -n "npx -y viberaven|viberaven (next|prompt|audit|heal|strict)" -S .
echo "---- list nearby similar rules ----"
rg -n "viberaven-production-readiness-gate|readiness gate|VibeRaven" -S rules . || trueRepository: PatrickJS/awesome-cursorrules
Length of output: 4329
🌐 Web query:
VibeRaven npm package CLI commands "next" "--json" "prompt" "--gap"
💡 Result:
VibeRaven is a tool designed to help developers bridge the gap between AI-built prototypes and production-ready applications by scanning repositories for risks and identifying missing configuration [1][2][3]. Based on current documentation, there is no official VibeRaven CLI command sequence specifically matching "next --json prompt --gap". The specific syntax you mentioned appears to conflate general patterns found in modern CLI tools with VibeRaven’s functionality [4]. VibeRaven is primarily distributed as a VS Code/Cursor extension rather than a standalone NPM CLI package [1][5]. Its core utility is to scan a project and provide a "snapshot" of production readiness, which includes generating context or prompts for coding agents like Cursor or Claude Code to address identified gaps [1][3]. If you are working with tools in the "vibe" ecosystem (such as VibeFrame, which shares similar naming and CLI patterns), please note the following: 1. Flag Patterns: Many modern CLI tools, including those in this domain, use --json to output data for machine parsing and --prompt to allow custom instruction inputs [4]. 2. CLI Documentation: If you are using a specific CLI tool from the "vibe" ecosystem, you can typically view supported commands by running vh --help or the specific binary name followed by --help [6][4]. 3. Verification: You can verify if a command exists in your local environment by checking the help menu or the official repository's CLI reference (e.g., for VibeFrame) [4]. If you are trying to use VibeRaven specifically, it is recommended to run it through your editor's terminal or chat interface as instructed on the official website, rather than via a standalone CLI command [5].
Citations:
- 1: https://forum.cursor.com/t/extension-verification-viberaven/161665
- 2: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 3: https://forum.cursor.com/t/recall-open-mcp-memory-pattern-that-survives-across-cursor-sessions/160076
- 4: https://github.com/vericontext/vibeframe/blob/main/docs/cli-reference.md
- 5: https://viberaven.dev/
- 6: https://www.facebook.com/groups/2753636021674871/posts/2829679947403811/
🌐 Web query:
site:github.com viberaven "prompt" "--gap"
💡 Result:
The search terms viberaven, prompt, and --gap appear to refer to distinct, unrelated projects within the broader ecosystem of AI-assisted development and automation tools: 1. viberaven: This is a GitHub user account [1] associated with repositories such as color-typology [2], dnascanner [3], and others. There is no widely recognized software tool or CLI named "viberaven" that uses the specific parameter "--gap". 2. "prompt" and "--gap" in Vibe-related tools: - The CLI tool vibeframe (often referred to simply as vibe) includes a command vibe edit fill-gaps [4][5]. The --gap flag (or similar parameter structure) is not a standard top-level flag for general prompts in this tool; rather, the command itself is designed to address gaps in projects [4]. - Other unrelated projects, such as vibe-plugins [6] or vibe-coding-playbooks [7], use terms like "gap" or "prompt" in their documentation (e.g., "fill-gaps" as a structural process or "prompt engineering" as a practice), but these are not tied to a "viberaven --gap" command. 3. Potential confusion: It is likely that the query conflates the GitHub username "viberaven" with "vibe"-branded coding tools (like Vibe/vibeframe) or standalone prompt-management packages like VibePrompt [8]. In summary, there is no technical command viberaven --gap known in the development community. If you are attempting to fill gaps in a codebase, you may be looking for the vibe edit fill-gaps command found in the vibeframe project [4].
Citations:
- 1: https://github.com/viberaven
- 2: https://github.com/v1b3coder
- 3: https://github.com/good-lly?tab=repositories
- 4: https://github.com/vericontext/vibeframe/blob/main/docs/cli-reference.md
- 5: https://github.com/vericontext/vibeframe/tree/dd8ed105b627af9050b8d03c706d317b612c74f0
- 6: estevanhernandez-stack-ed/vibe-plugins@00a91bb
- 7: https://github.com/plamen5rov/vibe-coding-playbook/blob/master/sections/07-prompt-engineering.md
- 8: https://github.com/mohammedaly22/vibeprompt
🌐 Web query:
"viberaven" "audit" "--vercel-supabase"
💡 Result:
Based on the available information as of June 10, 2026, there is no evidence of a command-line tool or audit parameter specifically named --vercel-supabase [1][2][3][4][5]. The terms provided appear to be related to the following distinct projects: VibeRaven is a VS Code and Cursor extension designed for builders using AI coding assistants [1][6]. It scans repositories to map the technology stack (e.g., Vercel, Supabase, Stripe) and identifies configuration gaps, risky dependencies, or missing "wired" components before production deployment [1][7][8]. It is not a CLI audit tool that utilizes a --vercel-supabase flag [1][6]. vibeAudit (also associated with the domain vibeaudit.net and vibeaud.it) is a security scanning service focused on AI-generated applications, including those using Next.js and Supabase [2][4]. It detects vulnerabilities such as disabled Row Level Security (RLS) in Supabase, exposed environment variables, and authentication bypasses [2][4]. Other independent tools exist for auditing Supabase and Vercel-deployed applications, such as SupaSec (an open-source CLI tool) [9] and the supabase-security-skill (which includes GitHub Action support and MCP server capabilities for AI integration) [10][11]. If you encountered the string --vercel-supabase, it is likely a misremembered parameter from one of these specialized security scanners or an internal flag used by a specific workflow automation [3][9][10].
Citations:
- 1: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 2: https://vibeaudit.net/
- 3: https://github.com/TreRB/vibe-code-triage
- 4: https://vibeaud.it/
- 5: https://vibeappscanner.com/question/security-audit-vercel
- 6: https://forum.cursor.com/t/extension-verification-viberaven/161665
- 7: https://www.facebook.com/groups/codingwithai/posts/968288065974585/
- 8: https://www.facebook.com/groups/vibecodinglife/posts/2027965017792025/
- 9: https://registry.npmjs.org/supasec
- 10: https://github.com/Perufitlife/supabase-security-skill
- 11: https://github.com/Perufitlife/supabase-security-mcp
🌐 Web query:
"viberaven" "--strict" "--heal" "--plan" "--gap"
💡 Result:
VibeRaven is a VS Code and Cursor extension designed for developers building applications with AI agents, particularly those deploying on platforms like Vercel [1][2][3]. Its primary purpose is to scan repositories to detect the technology stack, identify potential launch risks (gaps), and provide actionable prompts for AI coding assistants [1][2][4]. Based on the available documentation and current project scope as of June 2026, there is no official technical command line interface (CLI) for VibeRaven that utilizes the specific flags "--strict", "--heal", "--plan", or "--gap" [1][2][5]. The command flags you listed bear a strong resemblance to the CLI reference for "VibeFrame" or the "Vibe-Better-With-Claude-Code" (VBW) toolset, which are distinct projects often discussed in similar "vibecoding" developer communities [6][7]. For instance, VibeFrame uses a "vibe plan" command to manage assets and project stages, while VBW (Vibe-Better-With-Claude-Code) uses flags like "--plan" to generate execution plans [6][7]. It is likely that these parameters belong to one of those tooling ecosystems rather than the VibeRaven extension itself [6][7].
Citations:
- 1: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 2: https://forum.cursor.com/t/extension-verification-viberaven/161665
- 3: https://www.reddit.com/r/VibeCodersNest/comments/1t692t6/i_used_my_ai_product_to_launch_itself/
- 4: https://www.facebook.com/theophilusnonny/posts/vibecoders-are-always-coding-and-pushing-extensions-to-vscode/1010491491398404/
- 5: https://github.com/viberaven
- 6: https://github.com/vericontext/vibeframe/blob/main/docs/cli-reference.md
- 7: https://mintlify.wiki/swt-labs/vibe-better-with-claude-code-vbw/commands/lifecycle
🌐 Web query:
npm viberaven bin commands help
💡 Result:
Based on the available technical registries as of June 2026, there is no npm package named viberaven that provides bin (binary) commands [1][2][3]. It appears there may be a confusion regarding the name. VibeRaven is a VS Code and Cursor extension designed to scan AI-built project repositories for stack and configuration risks, but it is not distributed as an npm package with CLI commands [4][5]. If you are looking for AI-focused CLI tools with similar "vibe" naming conventions, you may be thinking of one of the following actively maintained packages: 1. Vibeauryon (vibeauryon): An AI agent OS and MCP server that provides extensive CLI-based development tools for auditing, SEO, and performance [1]. It is invoked via npx vibeauryon@latest [1]. 2. VibeRAG (viberag): A local codebase RAG (Retrieval-Augmented Generation) tool that acts as an MCP server [2][6]. It can be installed globally via npm install -g viberag [2]. 3. Viberepo-cli (viberepo-cli): A CLI utility used for project initialization and managing agent context, invoked via npx viberepo-cli [3]. If you were referred to a specific "viberaven" command, please verify the package name or check if it is a private/internal tool not published to the public npm registry.
Citations:
- 1: https://registry.npmjs.org/vibeauryon
- 2: https://registry.npmjs.org/viberag
- 3: https://registry.npmjs.org/viberepo-cli
- 4: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 5: https://forum.cursor.com/t/extension-verification-viberaven/161665
- 6: https://viberag.ai/
🏁 Script executed:
#!/bin/bash
set -euo pipefail
ls
echo "---- file context ----"
sed -n '1,120p' rules/viberaven-production-readiness-gate.mdc
echo "---- find viberaven usage ----"
rg -n "npx -y viberaven|viberaven (next|prompt|audit|heal|strict)" -S .
echo "---- list nearby similar rules ----"
rg -n "viberaven-production-readiness-gate|readiness gate|VibeRaven" -S rules . || trueRepository: PatrickJS/awesome-cursorrules
Length of output: 4329
🌐 Web query:
VibeRaven npm package CLI commands "next" "--json" "prompt" "--gap"
💡 Result:
VibeRaven is primarily a VS Code and Cursor extension designed to help developers transition AI-built demo applications into production-ready software by identifying risks and deployment gaps [1][2][3]. Based on current documentation and industry references, there is no evidence of a CLI tool named VibeRaven that utilizes the specific flags "next", "--json", "prompt", or "--gap" [1][2]. It appears these commands may be confused with other tools in the "vibe coding" ecosystem. For instance, a security tool often discussed in similar contexts, "vibe-hardening," uses commands like "vibe-hardening scan" and supports flags such as "--format json" [4]. Similarly, the "vibeframe" CLI (a separate project) utilizes "vibe plan --json" and includes an "nextCommands" field in its JSON output [5]. If you are working with an AI-generated codebase and encountering these commands, it is highly likely they belong to a different CLI tool or a specific build script within your project rather than an official VibeRaven CLI [1][5]. You may want to check your project's package.json for custom scripts or run vibe --help if a tool named "vibe" is installed in your environment [5].
Citations:
- 1: https://viberaven.dev/guides
- 2: https://forum.cursor.com/t/extension-verification-viberaven/161665
- 3: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 4: https://www.facebook.com/groups/2753636021674871/posts/2829679947403811/
- 5: https://github.com/vericontext/vibeframe/blob/main/docs/cli-reference.md
🌐 Web query:
site:github.com viberaven "prompt" "--gap"
💡 Result:
The term "viberaven" refers to a GitHub account [1] associated with technical projects such as "color-typology" [2] and "dnascanner" [3][4], but it is not a recognized command-line utility or a standard software package associated with the syntax viberaven "prompt" "--gap". The syntax prompt and --gap (or fill-gaps) appears instead to be associated with Vibeframe (a video-generation and "Video as Code" CLI tool) [5][6] or general "vibe coding" prompt engineering practices [7][8][9]. Specifically: 1. Vibeframe CLI: Contains an edit fill-gaps command which accepts a prompt parameter [5]. 2. Vibe-plugins/General Vibe Coding: Uses terminology like "structural gaps" and "remediation-coverage expansion" in the context of prompt engineering and AI-agent workflows [7]. It is highly likely that the query is a conflation of the "viberaven" GitHub username [1] with Vibe-related CLI tools or coding practices [5][10][11]. If you are looking for the CLI functionality, you should likely use vibe edit fill-gaps --prompt "your prompt" within the Vibeframe ecosystem [5].
Citations:
- 1: https://github.com/viberaven
- 2: https://github.com/v1b3coder
- 3: https://github.com/good-lly?tab=repositories
- 4: https://github.com/good-lly?tab=projects
- 5: https://github.com/vericontext/vibeframe/blob/main/docs/cli-reference.md
- 6: https://github.com/vericontext/vibeframe/tree/dd8ed105b627af9050b8d03c706d317b612c74f0
- 7: estevanhernandez-stack-ed/vibe-plugins@00a91bb
- 8: https://github.com/plamen5rov/vibe-coding-playbook/blob/master/sections/07-prompt-engineering.md
- 9: https://github.com/agigante80/vibe-coding-prompts
- 10: https://gist.github.com/Raezil/0c7d9cc3e4d0bf6cfb5c737e2f8fb47e
- 11: https://github.com/mohammedaly22/vibeprompt
🌐 Web query:
"viberaven" "audit" "--vercel-supabase"
💡 Result:
VibeRaven and VibeAudit (sometimes referred to as VibeAppScanner) are distinct tools, though both focus on AI-generated applications built with stacks like Vercel and Supabase [1][2][3]. VibeRaven is an IDE extension (VS Code/Cursor) designed for production readiness [1][4][5]. It scans repositories to map the stack and identify configuration or launch risks—such as environment variables, billing, or monitoring setups—to help developers prompt AI coding agents for fixes [1][6][7]. The developers of VibeRaven explicitly state that it is not a security audit tool [6]. VibeAudit (or VibeAppScanner) is a security-focused tool designed to perform audits on AI-generated applications [2][8][3]. It specifically targets common vulnerabilities found in apps built by AI assistants, such as disabled Row Level Security (RLS) in Supabase, leaked API keys, and insecure middleware configurations [2][8][9]. There is no standard or official command flag titled --vercel-supabase within these tools; however, similar functionality exists in static analysis projects like vibe-code-triage, which uses command-line arguments to scan Next.js, Supabase, and Clerk applications for security gaps [9]. Top results: [1][2][8][9][3][6]
Citations:
- 1: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 2: https://vibeaudit.net/
- 3: https://vibeappscanner.com/question/security-audit-vercel
- 4: https://forum.cursor.com/t/extension-verification-viberaven/161665
- 5: https://www.reddit.com/r/VibeCodersNest/comments/1t692t6/i_used_my_ai_product_to_launch_itself/
- 6: https://viberaven.dev/ai-app-production-checklist
- 7: https://viberaven.dev/
- 8: https://vibeaud.it/
- 9: https://github.com/TreRB/vibe-code-triage
🌐 Web query:
"viberaven" "--strict" "--heal" "--plan" "--gap"
💡 Result:
VibeRaven is a VS Code and Cursor extension designed for developers building applications with AI agents [1][2][3]. Its primary purpose is to scan project repositories, detect the tech stack (e.g., Vercel, Supabase, Stripe, monitoring tools), and identify potential issues, configuration gaps, or "risky" settings before the application is deployed for production [1][4]. The specific flags provided—--strict, --heal, --plan, and --gap—do not correspond to a documented command-line interface for the VibeRaven extension itself, which operates primarily as an IDE interface [1][5]. These flags are commonly associated with other "vibe-coding" or AI-assisted development CLI tools, such as VibeFrame or VBW (Vibe-Better-With-Claude-Code) [6][7]. In the context of those similar CLI-based tools: --plan: Used to generate execution plans, map dependencies, and break work into tasks [6][7]. --gap: Generally relates to identifying missing cues, configuration needs, or discrepancies in the project state [6]. --heal: Typically used in development agents to attempt automatic correction or resolution of detected project inconsistencies [7]. --strict: Typically enforces rigorous validation or fails the process if specific constraints (like cost caps or schema validation) are not met [6]. If you are seeing these flags in a terminal, you are likely interacting with a different CLI-based development tool rather than the VibeRaven IDE extension [1][6][7].
Citations:
- 1: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 2: https://forum.cursor.com/t/extension-verification-viberaven/161665
- 3: https://www.reddit.com/r/VibeCodersNest/comments/1t692t6/i_used_my_ai_product_to_launch_itself/
- 4: https://www.facebook.com/theophilusnonny/posts/vibecoders-are-always-coding-and-pushing-extensions-to-vscode/1010491491398404/
- 5: https://marketplace.visualstudio.com/items/VibeRaven-Dev.viberaven/license
- 6: https://github.com/vericontext/vibeframe/blob/main/docs/cli-reference.md
- 7: https://mintlify.wiki/swt-labs/vibe-better-with-claude-code-vbw/commands/lifecycle
🌐 Web query:
npm viberaven bin commands help
💡 Result:
There is no npm package named viberaven that provides bin commands [1][2][3]. Based on your query, you are likely confusing it with similar-sounding projects in the current "vibe-coding" or AI agent ecosystem [1][2][3]. There are, however, several active npm packages in this domain that provide CLI tools and MCP (Model Context Protocol) servers for AI agents: 1. VibeAuryon: An AI agent OS and CLI audit suite for tools like Claude Code, Cursor, and Windsurf [1]. You can run it using npx vibeauryon [1]. 2. VibeCipher: A security audit CLI tool for AI coders, which can be run via npx vibecipher@latest [2]. 3. VibeRAG: A tool for local codebase RAG (Retrieval-Augmented Generation) and semantic search, often used as an MCP server [3][4]. If you were asking about npm bin commands in general (rather than a specific package), the npm bin command (or running npm bin -g for global installations) is used to display the directory where npm installs executable binaries [5][6]. Note that in newer versions of npm, this command may be deprecated or behave differently, and npx is typically recommended for executing binaries from local or remote packages [6]. If you are looking for VibeRaven specifically, it is a VS Code and Cursor extension designed to scan AI-built projects for production readiness, not a standalone npm package with CLI bin commands [7][8].
Citations:
- 1: https://registry.npmjs.org/vibeauryon
- 2: https://npmx.dev/package/vibecipher
- 3: https://registry.npmjs.org/viberag
- 4: https://viberag.ai/
- 5: https://docs.npmjs.com/cli/v7/commands/npm-bin/
- 6: https://www.geeksforgeeks.org/node-js/npm-bin-command/
- 7: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 8: https://forum.cursor.com/t/extension-verification-viberaven/161665
🌐 Web query:
site:viberaven.dev "npx -y viberaven"
💡 Result:
VibeRaven is a tool designed to assess the production readiness of AI-built applications [1][2]. Running the command npx -y viberaven is the standard method for executing the tool directly from the npm registry without permanent installation, which initiates a scan of your project [1]. The primary purpose of VibeRaven is to help developers who have built functional prototypes using coding agents identify launch gaps before deploying to real users [3][4]. When executed, the tool performs several functions: - It maps the application's technology stack [2]. - It identifies specific missing features or configuration gaps in areas such as authentication, billing, database management, deployment, and monitoring [3][5]. - It generates a focused task list that can be handed off to coding agents to implement the necessary fixes or verifications [1][6]. By using this command, you receive an automated assessment intended to bridge the gap between an AI-generated demo and a production-ready application [3][2].
Citations:
- 1: https://viberaven.dev/
- 2: https://viberaven.dev/ai-app-production-checklist
- 3: https://viberaven.dev/guides
- 4: https://viberaven.dev/best-ai-app-production-readiness-tools
- 5: https://viberaven.dev/ai-app-launch-gap-index
- 6: https://viberaven.dev/we-ran-viberaven-on-a-real-ai-built-app
🌐 Web query:
"npx -y viberaven next"
💡 Result:
The command "npx -y viberaven next" is not a standard or recognized command associated with the VibeRaven tool or any known official utility [1][2][3]. VibeRaven is a tool designed as a VS Code/Cursor extension to help developers transition AI-generated applications from prototypes to production-ready projects [1][2]. Its primary functionality involves scanning code repositories to detect technology stacks (e.g., Vercel, Supabase, Stripe) and identifying potential risks or missing configurations [1]. It appears there may be confusion regarding: 1. The VibeRaven tool: It is primarily distributed as an extension for editors like Cursor or VS Code, not as a command-line tool executed via npx [1][2]. 2. Similar-sounding commands: There are other "vibe" or "run" oriented tools (such as vibecode or viberun) that use npx, but these are distinct projects unrelated to VibeRaven [4][5]. 3. Npx syntax: The "npx -y [package]" pattern is commonly used to bypass the confirmation prompt when installing and running a package via npm [6][7]. If you intended to run a different tool, ensure the package name is correct, as "viberaven" does not have an official CLI package hosted on the npm registry for execution via npx [1][2]. If you are looking for information on VibeRaven, you can visit their official resources at viberaven.vercel.app or look for the extension within your IDE's marketplace [1][8].
Citations:
- 1: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 2: https://forum.cursor.com/t/extension-verification-viberaven/161665
- 3: https://viberaven.dev/guides
- 4: https://github.com/shayne/viberun
- 5: https://npmx.dev/package/vibecode
- 6: https://www.exchangetuts.com/make-npx-silently-install-latest-package-version-without-prompting-user-for-input-1765906803092782
- 7: https://docs.npmjs.com/cli/v11/commands/npx/
- 8: https://www.reddit.com/r/ClaudeCode/comments/1t7o3fz/the_hardest_part_of_building_with_ai_coding_is/
🌐 Web query:
registry.npmjs.org viberaven bin
💡 Result:
There is no evidence that a package named viberaven exists on the npm registry (registry.npmjs.org). VibeRaven is a tool designed to help developers transition AI-built applications to production [1][2]. It is primarily distributed as a VS Code/Cursor extension [3][2], rather than an npm package. The term bin in the context of npm refers to a property in a package's package.json file that defines executable files (binary commands) to be installed into the path [4][5]. Because VibeRaven is not an npm package, it does not have an associated registry metadata object or a bin property on npmjs.org [4][6]. Users interested in VibeRaven should look for it on the OpenVSX registry or its official website, rather than the npm registry [3][7].
Citations:
- 1: https://viberaven.dev/guides
- 2: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 3: https://forum.cursor.com/t/extension-verification-viberaven/161665
- 4: https://github.com/npm/registry/blob/main/docs/responses/package-metadata.md
- 5: https://gitlab.com/gitlab-org/gitlab/-/issues/275992
- 6: https://github.com/npm/registry/blob/main/docs/REGISTRY-API.md
- 7: https://www.reddit.com/r/ClaudeCode/comments/1t7o3fz/the_hardest_part_of_building_with_ai_coding_is/
🌐 Web query:
"viberaven" "--agent-mode" "--verify"
💡 Result:
VibeRaven is a VS Code and Cursor extension designed to help developers identify "launch gaps" in AI-generated projects, such as missing environment variables, configuration issues, or unverified integrations [1][2][3]. There is no public evidence to suggest that "viberaven --agent-mode --verify" is a standard or documented command-line interface for the VibeRaven software. The tool functions primarily as an extension within IDE environments (like Cursor or VS Code) rather than a standalone CLI utility [1][2]. The command structure you mentioned does not appear in official VibeRaven documentation or public repository activity [4][5][6]. It is possible that "--agent-mode" or "--verify" are commands associated with a different tool, or perhaps a hallucinated or intended workflow for interacting with an AI coding agent that utilizes VibeRaven's structural analysis [7]. VibeRaven's core functionality involves scanning repositories to provide "production-readiness snapshots" and structural quality scoring, which are then used to inform the next prompts for coding agents like Claude Code or Cursor [2][7][8].
Citations:
- 1: https://community.vercel.com/t/for-people-shipping-ai-built-apps-on-vercel/42595
- 2: https://forum.cursor.com/t/extension-verification-viberaven/161665
- 3: https://www.facebook.com/groups/codingwithai/posts/968288065974585/
- 4: https://github.com/viberaven
- 5: https://viberaven.dev/guides
- 6: https://viberaven.dev/vercel-preview-to-production-checklist
- 7: https://forum.cursor.com/t/recall-open-mcp-memory-pattern-that-survives-across-cursor-sessions/160076
- 8: https://github.com/v1b3coder
Update VibeRaven “Useful Commands” to match the actual published CLI (flags/subcommands not documented).
The example commands in rules/viberaven-production-readiness-gate.mdc (“Useful Commands”, lines ~57-62) use subcommands/flags like next --json, prompt --gap, --heal --plan --gap, --strict, and audit --vercel-supabase, but public sources describe VibeRaven primarily as an IDE extension and don’t show these exact CLI interfaces/parameters—so the snippet is likely incorrect or at least undocumented. Replace it with commands verified via the tool’s real --help/docs (or remove it if no CLI exists).
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@rules/viberaven-production-readiness-gate.mdc` around lines 57 - 62, The
"Useful Commands" snippet contains unverified CLI usage (e.g., "npx -y viberaven
next --json", "prompt --gap", "--heal --plan --gap", "--strict", "audit
--vercel-supabase"); run the published tool's help/docs (npx viberaven --help or
official docs) to confirm actual subcommands and flags, then update the file
rules/viberaven-production-readiness-gate.mdc to either replace those lines with
the exact, documented CLI invocations or remove the CLI block if no CLI exists,
ensuring any retained entries match the real command names and flags shown by
viberaven --help.
1 participant
Adds a Cursor project rule for using VibeRaven as a production-readiness gate before launch/deploy-sensitive work in AI-built apps.\n\nThe rule covers the agent loop, gate-result check, provider-action handling, and core CLI commands.\n\nValidation run locally:\n-
ode scripts/check-repo-hygiene.mjs --only readme\n-
ode scripts/check-repo-hygiene.mjs --only rules\n-
ode scripts/check-awesome-list.mjs\n\nNote: the wrapper npm scripts that call
ew URL(...).pathname\ hit a Windows path issue locally (\D:\D:\...), so I ran the underlying checks directly.
Summary by CodeRabbit