AI App Launch Security Checklist

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138

Sample inputs
Product and privacy
Production URL: https://example-ai-app.com
Collects user data: Yes
Privacy policy: Not ready
Data storage documented: Documented
Data handling: Needs review

Web security
Security headers: Not checked
OWASP basics / scan: Not run
SQL injection review: Needs review
XSS / user content review: Raw HTML risk
Admin and tenant access: UI-only protection

Secrets and data exposure
.env and repo secret scan: .env exposed
Client API responses: Business/user fields
Logs redact sensitive data: Sensitive logs
Frontend private keys: Private key exposed
Server-side key boundary: No proxy yet
Key rotation and restrictions: Needs review

Abuse and billing
Rate limits and abuse controls: No
Payments: Live checkout

Generated result
Summary: Launch risk score 0/100 (High liability risk). 10 errors, 5 warnings.

Stats
- Score: 0
- Checks: 17
- Passed: 2
- Blockers: 10
- Warnings: 5

Issues
- Critical: User data is collected, but privacy policy coverage is missing. Publish and link a privacy policy before collecting emails, accounts, client data, payment data, uploads, prompts, or analytics identifiers.
- Critical: User data handling is not documented. Document purpose, retention, deletion path, processors, consent expectations, and whether prompts or uploads train models.
- Critical: XSS notes mention unescaped or unsanitized user content. Escape output, sanitize markdown/HTML, and add tests for script tags and event-handler payloads.
- Critical: Authentication or authorization notes mention a bypass or public admin risk. Protect admin routes, server actions, object access, and user-specific records before launch.
- Critical: .env or secret leak risk was found in the checklist. Remove secrets from history, rotate exposed credentials, and keep only empty .env.example values in the repo.
- Critical: Logging notes mention request bodies, credentials, or secrets. Redact secrets, cookies, authorization headers, payment data, prompt data, and user data before logs leave the app.
- Critical: Frontend code appears to expose a provider key or secret. Move provider keys server-side, use a backend route or edge proxy, and rotate any key that reached the browser.
- Critical: Server-side key boundary is missing for private provider calls. Put AI, payment, database, and private API keys behind server routes, edge functions, or a minimal proxy.
- Critical: Credential rotation and provider restrictions are not documented. Document scopes, budgets, allowed origins, usage alerts, rotation ownership, and emergency revocation steps.
- Critical: Rate limits or abuse limits are missing. Add per-user, per-IP, and costly-action limits before a bot or retry loop can burn the API bill.
- Warning: Security headers are not documented. Check CSP, HSTS, frame protections, content-type sniffing, permissions policy, and referrer policy.
- Warning: OWASP basics or automated app security scan are not documented. Run a lightweight OWASP Top 10 pass, ZAP/Burp-style crawl, dependency audit, or equivalent checklist.
- Warning: SQL injection review is not documented. Check every user-controlled database query, including search, filters, webhooks, and admin tools.
- Warning: API response notes include potentially sensitive business or user fields. Confirm each exposed field is needed by the UI and allowed by your privacy policy.
- Warning: Payment or billing launch risk is called out. Confirm webhook signing, idempotency, refund access, test/live mode separation, and customer data handling.

Output
AI app pre-launch security checklist
App URL: https://example-ai-app.com
Risk score: 0/100 - High liability risk
Checklist: 2/17 documented, 10 blockers, 5 review gaps

Checks

1. [PASS] User data collection scope is explicitly acknowledged.
   Evidence: Collects accounts, emails, uploads, prompts, payments, analytics IDs, or customer records.
   Next: Make sure every user data surface below has policy, storage, retention, deletion, and processor coverage.

2. [FIX] User data is collected, but privacy policy coverage is missing.
   Evidence: Privacy policy is not ready.
   Next: Publish and link a privacy policy before collecting emails, accounts, client data, payment data, uploads, prompts, or analytics identifiers.

3. [PASS] Data storage location is documented.
   Evidence: Database, storage vendor, region, backups, and processors are documented.
   Next: Confirm this matches production, backups, logs, analytics, and third-party processors.

4. [FIX] User data handling is not documented.
   Evidence: Data handling is not documented.
   Next: Document purpose, retention, deletion path, processors, consent expectations, and whether prompts or uploads train models.

5. [REVIEW] Security headers are not documented.
   Evidence: Security headers have not been checked.
   Next: Check CSP, HSTS, frame protections, content-type sniffing, permissions policy, and referrer policy.

6. [REVIEW] OWASP basics or automated app security scan are not documented.
   Evidence: OWASP basics or automated app security scan has not been run.
   Next: Run a lightweight OWASP Top 10 pass, ZAP/Burp-style crawl, dependency audit, or equivalent checklist.

7. [REVIEW] SQL injection review is not documented.
   Evidence: SQL injection review has not been completed.
   Next: Check every user-controlled database query, including search, filters, webhooks, and admin tools.

8. [FIX] XSS notes mention unescaped or unsanitized user content.
   Evidence: Raw HTML or unsanitized user content risk was found.
   Next: Escape output, sanitize markdown/HTML, and add tests for script tags and event-handler payloads.

9. [FIX] Authentication or authorization notes mention a bypass or public admin risk.
   Evidence: Admin access is hidden in the UI but not checked on the server.
   Next: Protect admin routes, server actions, object access, and user-specific records before launch.

10. [FIX] .env or secret leak risk was found in the checklist.
   Evidence: .env or another secret was exposed in repository history.
   Next: Remove secrets from history, rotate exposed credentials, and keep only empty .env.example values in the repo.

11. [REVIEW] API response notes include potentially sensitive business or user fields.
   Evidence: API responses return business or user fields such as email, role, or billing IDs.
   Next: Confirm each exposed field is needed by the UI and allowed by your privacy policy.

12. [FIX] Logging notes mention request bodies, credentials, or secrets.
   Evidence: Logs include request bodies, credentials, authorization headers, or secrets.
   Next: Redact secrets, cookies, authorization headers, payment data, prompt data, and user data before logs leave the app.

13. [FIX] Frontend code appears to expose a provider key or secret.
   Evidence: A private provider key is exposed in frontend code or environment variables.
   Next: Move provider keys server-side, use a backend route or edge proxy, and rotate any key that reached the browser.

14. [FIX] Server-side key boundary is missing for private provider calls.
   Evidence: Private provider calls do not have a server-side proxy or backend boundary yet.
   Next: Put AI, payment, database, and private API keys behind server routes, edge functions, or a minimal proxy.

15. [FIX] Credential rotation and provider restrictions are not documented.
   Evidence: Credential rotation and provider restrictions are not documented.
   Next: Document scopes, budgets, allowed origins, usage alerts, rotation ownership, and emergency revocation steps.

16. [FIX] Rate limits or abuse limits are missing.
   Evidence: Rate limits and abuse controls are missing.
   Next: Add per-user, per-IP, and costly-action limits before a bot or retry loop can burn the API bill.

17. [REVIEW] Payment or billing launch risk is called out.
   Evidence: Live checkout or billing is planned.
   Next: Confirm webhook signing, idempotency, refund access, test/live mode separation, and customer data handling.

Priority next actions
1. Publish and link a privacy policy before collecting emails, accounts, client data, payment data, uploads, prompts, or analytics identifiers.
2. Document purpose, retention, deletion path, processors, consent expectations, and whether prompts or uploads train models.
3. Check CSP, HSTS, frame protections, content-type sniffing, permissions policy, and referrer policy.
4. Run a lightweight OWASP Top 10 pass, ZAP/Burp-style crawl, dependency audit, or equivalent checklist.
5. Check every user-controlled database query, including search, filters, webhooks, and admin tools.

Note: This is a practical pre-launch checklist, not legal advice or a full penetration test.