// documentation

Add VybeSec to your app

VybeSec monitors both your browser (client) and your backend (server). For most apps you need two snippets — one for the frontend, one for the server. If you only have a frontend with no custom backend, one snippet is enough.

How it works

VybeSec has two capture layers that work together. Understanding both helps you decide what to install.

🌐Client SDKbrowser

Runs in your user's browser. Catches JavaScript crashes, React errors, failed network requests, and Web Vitals. Also records the 60-second session replay before a crash (Pro).

Package: @vybesec/sdk

⬡Server SDKserver

Runs on your backend. Catches API route crashes, Supabase edge function failures, webhook handler errors, and any server exception — silently, before your users notice.

Packages: @vybesec/node · @vybesec/deno · @vybesec/cloudflare

Once either SDK captures an error, it sends it to VybeSec's global edge ingest in under 20ms. Claude AI then generates a plain-English explanation and a ready-to-paste fix prompt for your exact tool. Both client and server errors appear in the same issues feed — each tagged so you know where it came from.

Which SDK do I need?

Where does the code run?	SDK to install	Runtime
Browser — React, Vue, Svelte, Next.js client, Vanilla JS	@vybesec/sdk	browser
React Native / Expo mobile app	@vybesec/react-native	mobile
Node.js — Next.js API routes, Express, Fastify, Hono, NestJS	@vybesec/node	server
Supabase Edge Functions (Deno runtime)	@vybesec/deno	server
Cloudflare Workers, Durable Objects, Pages Functions	@vybesec/cloudflare	server
Python — FastAPI, Flask, Django	vybesec (pip)	server

💡

Most apps need two SDKs — one for the browser, one for the backend. A Lovable or Bolt app typically uses @vybesec/sdk for the frontend and @vybesec/deno for Supabase Edge Functions. A Cursor-built Next.js app uses @vybesec/sdk client-side and @vybesec/node for API routes.

Your first setup

Get both client and server monitoring running in under 5 minutes.

Step 1 — Get your key

Step 2 — Client (browser)

npm install @vybesec/sdk

// Add to your entry file — before anything renders
import { init } from "@vybesec/sdk"
init({
  key: "pk_live_YOUR_KEY",   // your key from the dashboard
  platform: "react",          // see the platform list below
  environment: "production",
  enableVitals: true,         // capture LCP, FCP, CLS, INP, TTFB
  enableReplay: true,         // 60s session replay before crash (Pro)
})

Step 3 — Server (if you have a backend)

Choose based on where your backend runs:

Supabase / Deno→Next.js / Node.js→Cloudflare Workers→

Step 4 — Trigger a test error

// Paste this in your browser console or a button click handler
setTimeout(() => {
  throw new Error("VybeSec test error — " + new Date().toISOString())
}, 1000)

// For server testing — in a route handler:
throw new Error("VybeSec server test")

✓

The error should appear in your dashboard within 30–60 seconds. If it doesn't, check that your public key is correct and that init() is called before the error fires.

Configuration options

All options for the client SDK init() call. Only key is required.

Option	Type	Default	Description
key*	string	—	Your public project key (starts with pk_). Required.
platform	string	"other"	Your AI tool or framework ID. Personalises fix prompts. See Section 3 of SKILLS.md for the full list.
environment	string	"production"	Set to "development" during local testing to filter dev errors from your dashboard.
release	string	undefined	Your app version — e.g. "web@1.2.3". Helps trace which deploy introduced a bug.
userId	string	undefined	Associate errors with a specific user. Use your internal user ID — never an email address.
sampleRate	number	1	0–1. Fraction of events to capture. Use 0.5 to capture 50% at high volume.
enableVitals	boolean	true	Capture Web Vitals (LCP, FCP, CLS, INP, TTFB). Disable to reduce event volume on Free plan.
enableReplay	boolean	true	Enable 60-second session replay before errors. Only activates on Pro plan — free plan ignores this silently.

// ai builders

AI builder guides

Copy the prompt below and paste it directly into your builder's AI chat. You don't need to touch any files yourself.

Lovable

Script tag

Lovable builds React apps. Use the script tag approach — paste the prompt directly into Lovable's chat. Replace pk_live_YOUR_KEY with your actual key first.

Paste into Lovable

Add VybeSec error monitoring to my app. 1. Open index.html (in the public/ folder or project root). 2. Inside the <head> tag, add this script before the closing </head>: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="lovable" data-environment="production" async> </script> Do not modify any other files. Do not add sdk.js.map. If index.html isn't found or you see errors, stop and ask. Do not guess.

💡

If your Lovable app uses Supabase for the backend, also add the Supabase server SDK — see the Supabase section below. Server functions crash silently without it.

Bolt

Script tag

Bolt projects have a standard index.html. Same approach as Lovable — script tag in the head.

Paste into Bolt

Add VybeSec error monitoring to this app. Find the main index.html file. In the <head> section, add this script tag: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="bolt" data-environment="production" async> </script> Place it before the closing </head> tag. Don't add any other VybeSec files. If you cannot find index.html or see errors, stop and ask. Do not guess.

Replit

Script tag

Replit supports both HTML apps and React/Node projects. The prompt handles both cases.

Paste into Replit

Add VybeSec error monitoring to my Replit project. If this is an HTML/JS project: - Find index.html and add this to the <head>: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="replit" async></script> If this is a React/Node project: - Run: npm install @vybesec/sdk - In the main entry file (index.js, main.jsx, or App.jsx), add at the very top before rendering: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "replit", environment: "production" }) If you are unsure which entry file is correct, list candidates and ask. Do not guess.

v0

npm install

v0 generates Next.js or React components. Add VybeSec at the app root after importing the v0 code into your project.

Paste into v0 / your editor after importing

I'm using this component in a Next.js app. Please also add VybeSec error monitoring. Install the package: npm install @vybesec/sdk Then create this file: app/VybeSecProvider.tsx ---- "use client" import { useEffect } from "react" import { init } from "@vybesec/sdk" export function VybeSecProvider() { useEffect(() => { init({ key: "pk_live_YOUR_KEY", platform: "v0", environment: "production" }) }, []) return null } ---- And add <VybeSecProvider /> at the top of the <body> in app/layout.tsx. If any error appears, quote it exactly and ask for clarification. Do not invent fixes.

Base44

Script tag

Use this exact prompt in Base44. It forces file discovery to avoid hallucinations.

Paste into Base44

You are configuring VybeSec in a Base44 project. Rules (do not skip): 1) Do NOT guess file paths or frameworks. Inspect the project tree first and name the exact entry file(s) you found. 2) If this is a plain HTML app (index.html in root, no framework build step): - Insert this inside <head> exactly: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="base44" data-environment="production" async> </script> 3) If this is React/Vite/Next (package.json + src/main.tsx or src/index.tsx): - Run: npm install @vybesec/sdk - Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "base44", environment: "production" }) 4) If this is Next.js App Router (app/ directory): - Create app/VybeSecProvider.tsx (client component) that calls init() in useEffect. - Render <VybeSecProvider /> in app/layout.tsx. 5) If there are multiple candidate entry files, LIST them and ASK which to use. Error handling (mandatory): - If any error appears, paste the exact error text, name the file + line it points to, and explain only what the error proves. - Do not invent fixes. If you are unsure, ask for the missing file/logs. Do not add sdk.js.map. Do not invent files that don't exist.

Emergent

Script tag

Use this exact prompt in Emergent. It forces file discovery to avoid hallucinations.

Paste into Emergent

You are configuring VybeSec in a Emergent project. Rules (do not skip): 1) Do NOT guess file paths or frameworks. Inspect the project tree first and name the exact entry file(s) you found. 2) If this is a plain HTML app (index.html in root, no framework build step): - Insert this inside <head> exactly: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="emergent" data-environment="production" async> </script> 3) If this is React/Vite/Next (package.json + src/main.tsx or src/index.tsx): - Run: npm install @vybesec/sdk - Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "emergent", environment: "production" }) 4) If this is Next.js App Router (app/ directory): - Create app/VybeSecProvider.tsx (client component) that calls init() in useEffect. - Render <VybeSecProvider /> in app/layout.tsx. 5) If there are multiple candidate entry files, LIST them and ASK which to use. Error handling (mandatory): - If any error appears, paste the exact error text, name the file + line it points to, and explain only what the error proves. - Do not invent fixes. If you are unsure, ask for the missing file/logs. Do not add sdk.js.map. Do not invent files that don't exist.

Tempo Labs

Script tag

Use this exact prompt in Tempo Labs. It forces file discovery to avoid hallucinations.

Paste into Tempo Labs

You are configuring VybeSec in a Tempo Labs project. Rules (do not skip): 1) Do NOT guess file paths or frameworks. Inspect the project tree first and name the exact entry file(s) you found. 2) If this is a plain HTML app (index.html in root, no framework build step): - Insert this inside <head> exactly: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="tempo" data-environment="production" async> </script> 3) If this is React/Vite/Next (package.json + src/main.tsx or src/index.tsx): - Run: npm install @vybesec/sdk - Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "tempo", environment: "production" }) 4) If this is Next.js App Router (app/ directory): - Create app/VybeSecProvider.tsx (client component) that calls init() in useEffect. - Render <VybeSecProvider /> in app/layout.tsx. 5) If there are multiple candidate entry files, LIST them and ASK which to use. Error handling (mandatory): - If any error appears, paste the exact error text, name the file + line it points to, and explain only what the error proves. - Do not invent fixes. If you are unsure, ask for the missing file/logs. Do not add sdk.js.map. Do not invent files that don't exist.

Webdraw

Script tag

Use this exact prompt in Webdraw. It forces file discovery to avoid hallucinations.

Paste into Webdraw

You are configuring VybeSec in a Webdraw project. Rules (do not skip): 1) Do NOT guess file paths or frameworks. Inspect the project tree first and name the exact entry file(s) you found. 2) If this is a plain HTML app (index.html in root, no framework build step): - Insert this inside <head> exactly: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="webdraw" data-environment="production" async> </script> 3) If this is React/Vite/Next (package.json + src/main.tsx or src/index.tsx): - Run: npm install @vybesec/sdk - Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "webdraw", environment: "production" }) 4) If this is Next.js App Router (app/ directory): - Create app/VybeSecProvider.tsx (client component) that calls init() in useEffect. - Render <VybeSecProvider /> in app/layout.tsx. 5) If there are multiple candidate entry files, LIST them and ASK which to use. Error handling (mandatory): - If any error appears, paste the exact error text, name the file + line it points to, and explain only what the error proves. - Do not invent fixes. If you are unsure, ask for the missing file/logs. Do not add sdk.js.map. Do not invent files that don't exist.

Wix Vibe

Script tag

Use this exact prompt in Wix Vibe. It forces file discovery to avoid hallucinations.

Paste into Wix Vibe

You are configuring VybeSec in a Wix Vibe project. Rules (do not skip): 1) Do NOT guess file paths or frameworks. Inspect the project tree first and name the exact entry file(s) you found. 2) If this is a plain HTML app (index.html in root, no framework build step): - Insert this inside <head> exactly: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="wix-vibe" data-environment="production" async> </script> 3) If this is React/Vite/Next (package.json + src/main.tsx or src/index.tsx): - Run: npm install @vybesec/sdk - Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "wix-vibe", environment: "production" }) 4) If this is Next.js App Router (app/ directory): - Create app/VybeSecProvider.tsx (client component) that calls init() in useEffect. - Render <VybeSecProvider /> in app/layout.tsx. 5) If there are multiple candidate entry files, LIST them and ASK which to use. Error handling (mandatory): - If any error appears, paste the exact error text, name the file + line it points to, and explain only what the error proves. - Do not invent fixes. If you are unsure, ask for the missing file/logs. Do not add sdk.js.map. Do not invent files that don't exist.

Hostinger AI Builder

Script tag

Use this exact prompt in Hostinger AI Builder. It forces file discovery to avoid hallucinations.

Paste into Hostinger AI Builder

You are configuring VybeSec in a Hostinger AI Builder project. Rules (do not skip): 1) Do NOT guess file paths or frameworks. Inspect the project tree first and name the exact entry file(s) you found. 2) If this is a plain HTML app (index.html in root, no framework build step): - Insert this inside <head> exactly: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="hostinger-ai" data-environment="production" async> </script> 3) If this is React/Vite/Next (package.json + src/main.tsx or src/index.tsx): - Run: npm install @vybesec/sdk - Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "hostinger-ai", environment: "production" }) 4) If this is Next.js App Router (app/ directory): - Create app/VybeSecProvider.tsx (client component) that calls init() in useEffect. - Render <VybeSecProvider /> in app/layout.tsx. 5) If there are multiple candidate entry files, LIST them and ASK which to use. Error handling (mandatory): - If any error appears, paste the exact error text, name the file + line it points to, and explain only what the error proves. - Do not invent fixes. If you are unsure, ask for the missing file/logs. Do not add sdk.js.map. Do not invent files that don't exist.

Databutton

Script tag

Use this exact prompt in Databutton. It forces file discovery to avoid hallucinations.

Paste into Databutton

You are configuring VybeSec in a Databutton project. Rules (do not skip): 1) Do NOT guess file paths or frameworks. Inspect the project tree first and name the exact entry file(s) you found. 2) If this is a plain HTML app (index.html in root, no framework build step): - Insert this inside <head> exactly: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="databutton" data-environment="production" async> </script> 3) If this is React/Vite/Next (package.json + src/main.tsx or src/index.tsx): - Run: npm install @vybesec/sdk - Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "databutton", environment: "production" }) 4) If this is Next.js App Router (app/ directory): - Create app/VybeSecProvider.tsx (client component) that calls init() in useEffect. - Render <VybeSecProvider /> in app/layout.tsx. 5) If there are multiple candidate entry files, LIST them and ASK which to use. Error handling (mandatory): - If any error appears, paste the exact error text, name the file + line it points to, and explain only what the error proves. - Do not invent fixes. If you are unsure, ask for the missing file/logs. Do not add sdk.js.map. Do not invent files that don't exist.

Firebase Studio

Script tag

Use this exact prompt in Firebase Studio. It forces file discovery to avoid hallucinations.

Paste into Firebase Studio

You are configuring VybeSec in a Firebase Studio project. Rules (do not skip): 1) Do NOT guess file paths or frameworks. Inspect the project tree first and name the exact entry file(s) you found. 2) If this is a plain HTML app (index.html in root, no framework build step): - Insert this inside <head> exactly: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="firebase-studio" data-environment="production" async> </script> 3) If this is React/Vite/Next (package.json + src/main.tsx or src/index.tsx): - Run: npm install @vybesec/sdk - Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "firebase-studio", environment: "production" }) 4) If this is Next.js App Router (app/ directory): - Create app/VybeSecProvider.tsx (client component) that calls init() in useEffect. - Render <VybeSecProvider /> in app/layout.tsx. 5) If there are multiple candidate entry files, LIST them and ASK which to use. Error handling (mandatory): - If any error appears, paste the exact error text, name the file + line it points to, and explain only what the error proves. - Do not invent fixes. If you are unsure, ask for the missing file/logs. Do not add sdk.js.map. Do not invent files that don't exist.

YouWare

Script tag

Use this exact prompt in YouWare. It forces file discovery to avoid hallucinations.

Paste into YouWare

You are configuring VybeSec in a YouWare project. Rules (do not skip): 1) Do NOT guess file paths or frameworks. Inspect the project tree first and name the exact entry file(s) you found. 2) If this is a plain HTML app (index.html in root, no framework build step): - Insert this inside <head> exactly: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="youware" data-environment="production" async> </script> 3) If this is React/Vite/Next (package.json + src/main.tsx or src/index.tsx): - Run: npm install @vybesec/sdk - Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "youware", environment: "production" }) 4) If this is Next.js App Router (app/ directory): - Create app/VybeSecProvider.tsx (client component) that calls init() in useEffect. - Render <VybeSecProvider /> in app/layout.tsx. 5) If there are multiple candidate entry files, LIST them and ASK which to use. Error handling (mandatory): - If any error appears, paste the exact error text, name the file + line it points to, and explain only what the error proves. - Do not invent fixes. If you are unsure, ask for the missing file/logs. Do not add sdk.js.map. Do not invent files that don't exist.

HeyBoss

Script tag

Use this exact prompt in HeyBoss. It forces file discovery to avoid hallucinations.

Paste into HeyBoss

You are configuring VybeSec in a HeyBoss project. Rules (do not skip): 1) Do NOT guess file paths or frameworks. Inspect the project tree first and name the exact entry file(s) you found. 2) If this is a plain HTML app (index.html in root, no framework build step): - Insert this inside <head> exactly: <script src="https://cdn.vybesec.io/v1/sdk.js" data-key="pk_live_YOUR_KEY" data-platform="heyboss" data-environment="production" async> </script> 3) If this is React/Vite/Next (package.json + src/main.tsx or src/index.tsx): - Run: npm install @vybesec/sdk - Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "heyboss", environment: "production" }) 4) If this is Next.js App Router (app/ directory): - Create app/VybeSecProvider.tsx (client component) that calls init() in useEffect. - Render <VybeSecProvider /> in app/layout.tsx. 5) If there are multiple candidate entry files, LIST them and ASK which to use. Error handling (mandatory): - If any error appears, paste the exact error text, name the file + line it points to, and explain only what the error proves. - Do not invent fixes. If you are unsure, ask for the missing file/logs. Do not add sdk.js.map. Do not invent files that don't exist.

// agentic ides & cli

IDEs and agents you already use

If you build inside Cursor, Windsurf, Claude Code, or any agentic IDE or CLI, paste the prompt below and let it wire everything up.

Universal agentic IDE prompt

npm install

Works with any agentic IDE or CLI. It handles both client and server setup in one pass.

Paste into Any agentic IDE

Add VybeSec full-stack monitoring to this project. STEP 1 — Client (browser) 1) Inspect the project. Find the real entry file (src/main.tsx, app/layout.tsx, src/index.tsx, etc). 2) Install: npm install @vybesec/sdk 3) Add before the render call (or in a useEffect for Next.js): import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "cursor", environment: "production", enableVitals: true, enableReplay: true }) 4) For Next.js App Router: create app/VybeSecProvider.tsx as a "use client" component calling init() in useEffect. Render it in app/layout.tsx. STEP 2 — Server (if this project has API routes or a backend) 5) Install: npm install @vybesec/node 6) Create instrumentation.ts at the project root: export async function register() { if (process.env.NEXT_RUNTIME === "nodejs") { const { init } = await import("@vybesec/node") init({ key: "pk_live_YOUR_KEY", platform: "cursor", environment: process.env.NODE_ENV }) } } 7) In next.config.ts add: experimental: { instrumentationHook: true } 8) In .env.local add: NEXT_PUBLIC_VYBESEC_KEY=pk_live_YOUR_KEY If you encounter errors: quote the exact error text and ask before continuing. Do not guess.

Works with: Cursor, Windsurf, Trae, Kiro, Antigravity, JetBrains AI, GitHub Copilot, Augment, Amazon Q, Claude Code, Cline, Codex, Aider, Devin, OpenHands, Continue.dev, RooCode, Goose, Open Interpreter, Tabby, Cody, Junie, Jules, AmpCode.

Cursor

npm install

Tell Cursor exactly which file to edit. The key is init() before the render call.

Paste into Cursor

Install @vybesec/sdk and add it to the app's entry file. The entry file is probably src/main.tsx or src/index.tsx. Add these two lines at the very top, before anything renders: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "cursor", environment: "production" }) Make sure init() is called before ReactDOM.createRoot(...).render(...). Don't create a separate file for this — it belongs in the entry file. If you hit an error, paste the exact error message and ask for confirmation. Do not guess.

Windsurf

npm install

Same as Cursor — entry file, before the render call.

Paste into Windsurf

Install @vybesec/sdk. In the app's entry file (src/main.tsx or src/index.tsx), add at the very top before the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "windsurf", environment: "production" }) It must be called before ReactDOM.createRoot().render() — not inside a component. If you hit an error, paste the exact error message and ask for confirmation. Do not guess.

Trae

npm install

Use this exact prompt in Trae. It forces file discovery and prevents guesses.

Paste into Trae

You are working inside Trae. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "trae", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Kiro

npm install

Use this exact prompt in Kiro. It forces file discovery and prevents guesses.

Paste into Kiro

You are working inside Kiro. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "kiro", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Antigravity

npm install

Use this exact prompt in Antigravity. It forces file discovery and prevents guesses.

Paste into Antigravity

You are working inside Antigravity. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "antigravity", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

JetBrains AI

npm install

Use this exact prompt in JetBrains AI. It forces file discovery and prevents guesses.

Paste into JetBrains AI

You are working inside JetBrains AI. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "jetbrains-ai", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

GitHub Copilot

npm install

Use this exact prompt in GitHub Copilot. It forces file discovery and prevents guesses.

Paste into GitHub Copilot

You are working inside GitHub Copilot. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "github-copilot", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Augment Code

npm install

Use this exact prompt in Augment Code. It forces file discovery and prevents guesses.

Paste into Augment Code

You are working inside Augment Code. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "augment-code", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Amazon Q Developer

npm install

Use this exact prompt in Amazon Q Developer. It forces file discovery and prevents guesses.

Paste into Amazon Q Developer

You are working inside Amazon Q Developer. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "amazon-q", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Claude Code

npm install

Use this exact prompt in Claude Code. It forces file discovery and prevents guesses.

Paste into Claude Code

You are working inside Claude Code. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "claude-code", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Cline

npm install

Use this exact prompt in Cline. It forces file discovery and prevents guesses.

Paste into Cline

You are working inside Cline. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "cline", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

OpenAI Codex

npm install

Use this exact prompt in OpenAI Codex. It forces file discovery and prevents guesses.

Paste into OpenAI Codex

You are working inside OpenAI Codex. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "codex", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Aider

npm install

Use this exact prompt in Aider. It forces file discovery and prevents guesses.

Paste into Aider

You are working inside Aider. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "aider", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Devin

npm install

Use this exact prompt in Devin. It forces file discovery and prevents guesses.

Paste into Devin

You are working inside Devin. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "devin", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

OpenHands

npm install

Use this exact prompt in OpenHands. It forces file discovery and prevents guesses.

Paste into OpenHands

You are working inside OpenHands. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "openhands", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Continue.dev

npm install

Use this exact prompt in Continue.dev. It forces file discovery and prevents guesses.

Paste into Continue.dev

You are working inside Continue.dev. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "continue", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

RooCode

npm install

Use this exact prompt in RooCode. It forces file discovery and prevents guesses.

Paste into RooCode

You are working inside RooCode. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "roocode", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Goose

npm install

Use this exact prompt in Goose. It forces file discovery and prevents guesses.

Paste into Goose

You are working inside Goose. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "goose", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Open Interpreter

npm install

Use this exact prompt in Open Interpreter. It forces file discovery and prevents guesses.

Paste into Open Interpreter

You are working inside Open Interpreter. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "open-interpreter", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Tabby

npm install

Use this exact prompt in Tabby. It forces file discovery and prevents guesses.

Paste into Tabby

You are working inside Tabby. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "tabby", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Cody

npm install

Use this exact prompt in Cody. It forces file discovery and prevents guesses.

Paste into Cody

You are working inside Cody. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "cody", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Junie

npm install

Use this exact prompt in Junie. It forces file discovery and prevents guesses.

Paste into Junie

You are working inside Junie. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "junie", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

Jules

npm install

Use this exact prompt in Jules. It forces file discovery and prevents guesses.

Paste into Jules

You are working inside Jules. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "jules", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

AmpCode

npm install

Use this exact prompt in AmpCode. It forces file discovery and prevents guesses.

Paste into AmpCode

You are working inside AmpCode. Add VybeSec with zero guessing. Rules: 1) Locate the real entry file (src/main.tsx, src/index.tsx, main.jsx, etc). If there are multiple, list them and ask. 2) Install: npm install @vybesec/sdk 3) Add BEFORE the render call: import { init } from "@vybesec/sdk" init({ key: "pk_live_YOUR_KEY", platform: "ampcode", environment: "production" }) 4) If this is Next.js App Router, create a client-only provider and mount it in app/layout.tsx instead. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by the code or logs. - If you cannot prove a fix from evidence, ask for the missing info. Do not create speculative files or mock code. If unsure, stop and ask.

// frameworks

Framework guides

Next.js

npm install

Next.js needs two setups — one for the browser, one for the server. Both use the same public key.

💡

Do not call init() directly in layout.tsx — that file runs on the server. Use the client component wrapper below.

Client (browser errors)

Create app/VybeSecProvider.tsx:

// app/VybeSecProvider.tsx
"use client"

import { useEffect } from "react"
import { init } from "@vybesec/sdk"

export function VybeSecProvider() {
  useEffect(() => {
    init({
      key: process.env.NEXT_PUBLIC_VYBESEC_KEY!,
      platform: "nextjs",
      environment: process.env.NODE_ENV,
      enableVitals: true,
      enableReplay: true,
    })
  }, [])
  return null
}

Add to app/layout.tsx:

// app/layout.tsx
import { VybeSecProvider } from "./VybeSecProvider"

export default function RootLayout({ children }: { children: React.ReactNode }) {
  return (
    <html lang="en">
      <body>
        <VybeSecProvider />
        {children}
      </body>
    </html>
  )
}

Server (API route errors)

Create instrumentation.ts at the project root:

// instrumentation.ts  ← root of project, next to package.json
export async function register() {
  if (process.env.NEXT_RUNTIME === "nodejs") {
    const { init } = await import("@vybesec/node")
    init({
      key: process.env.NEXT_PUBLIC_VYBESEC_KEY!,
      platform: "nextjs",
      environment: process.env.NODE_ENV,
    })
  }
}

Enable it in next.config.ts:

const nextConfig = {
  experimental: {
    instrumentationHook: true,
  },
}
export default nextConfig

Add to .env.local:

NEXT_PUBLIC_VYBESEC_KEY=pk_live_YOUR_KEY

✓

This covers your entire app — every page, every API route, every user session. You don't need to add anything else.

React (Vite / CRA)

npm install

Call init() in your entry file — the file that calls ReactDOM.createRoot(). Must run before render.

// src/main.tsx
import React from "react"
import ReactDOM from "react-dom/client"
import { init } from "@vybesec/sdk"
import App from "./App"

init({
  key: "pk_live_YOUR_KEY",
  platform: "react",
  environment: import.meta.env.MODE === "production" ? "production" : "development",
  enableVitals: true,
  enableReplay: true,
})

ReactDOM.createRoot(document.getElementById("root")!).render(
  <React.StrictMode>
    <App />
  </React.StrictMode>
)

Vue 3

npm install

Initialize in main.ts before createApp().mount().

// src/main.ts
import { createApp } from "vue"
import { init } from "@vybesec/sdk"
import App from "./App.vue"

init({ key: "pk_live_YOUR_KEY", platform: "vue", environment: "production" })

createApp(App).mount("#app")

Svelte

npm install

// src/main.ts
import App from "./App.svelte"
import { init } from "@vybesec/sdk"

init({ key: "pk_live_YOUR_KEY", platform: "svelte", environment: "production" })

const app = new App({ target: document.getElementById("app")! })
export default app

SvelteKit

npm install

// src/hooks.client.ts  ← client-only, runs in the browser for every page
import { init } from "@vybesec/sdk"
init({ key: "pk_live_YOUR_KEY", platform: "sveltekit", environment: "production" })

Nuxt 3

npm install

// plugins/vybesec.client.ts  ← .client suffix = browser only
import { init } from "@vybesec/sdk"
export default defineNuxtPlugin(() => {
  init({ key: "pk_live_YOUR_KEY", platform: "nuxt", environment: "production" })
})

Angular

npm install

// src/main.ts
import { init } from "@vybesec/sdk"
import { bootstrapApplication } from "@angular/platform-browser"
import { AppComponent } from "./app/app.component"
import { appConfig } from "./app/app.config"

init({ key: "pk_live_YOUR_KEY", platform: "angular", environment: "production" })
bootstrapApplication(AppComponent, appConfig).catch(console.error)

Remix

npm install

// app/entry.client.tsx
import { RemixBrowser } from "@remix-run/react"
import { init } from "@vybesec/sdk"
import { hydrateRoot } from "react-dom/client"

init({ key: "pk_live_YOUR_KEY", platform: "remix", environment: "production" })
hydrateRoot(document, <RemixBrowser />)

Astro

npm install

---
// src/layouts/Base.astro
---
<html>
  <head>
    <script type="module">
      import { init } from "@vybesec/sdk"
      init({ key: "pk_live_YOUR_KEY", platform: "astro", environment: "production" })
    </script>
  </head>
  <body><slot /></body>
</html>

Solid

npm install

// src/index.tsx
import { render } from "solid-js/web"
import { init } from "@vybesec/sdk"
import App from "./App"

init({ key: "pk_live_YOUR_KEY", platform: "solid", environment: "production" })
render(() => <App />, document.getElementById("root")!)

Qwik

npm install

// src/root.tsx
import { component$, useVisibleTask$ } from "@builder.io/qwik"
import { init } from "@vybesec/sdk"

export default component$(() => {
  useVisibleTask$(() => {
    init({ key: "pk_live_YOUR_KEY", platform: "qwik", environment: "production" })
  })
  return <div id="root">{/* your app */}</div>
})

Gatsby

npm install

// gatsby-browser.js
import { init } from "@vybesec/sdk"
export const onClientEntry = () => {
  init({ key: "pk_live_YOUR_KEY", platform: "gatsby", environment: process.env.NODE_ENV })
}

Vanilla JS (CDN)

Script tag

No build tools needed — drop this into any HTML file.

<!DOCTYPE html>
<html>
  <head>
    <script src="https://cdn.vybesec.io/v1/sdk.js" async></script>
    <script>
      window.addEventListener("load", function () {
        window.VybeSec.init({
          key: "pk_live_YOUR_KEY",
          platform: "vanilla",
          environment: "production",
        })
      })
    </script>
  </head>
  <body><!-- your app --></body>
</html>

// mobile

Mobile — React Native & Expo

Built with Rork, RapidNative, Create + Expo, or any React Native / Expo project.

Rork

npm install

Paste into Rork

You are configuring VybeSec in a Rork mobile project (React Native / Expo). Rules (do not skip): 1) Locate the real entry file. Common ones: - App.tsx / App.jsx - app/_layout.tsx (Expo Router) 2) Install: npx expo install @vybesec/react-native @react-native-async-storage/async-storage 3) Add BEFORE the app renders: import { init } from "@vybesec/react-native" init({ key: "pk_live_YOUR_KEY", platform: "rork", environment: "production" }) 4) If there are multiple possible entry files, list them and ask which to use. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by evidence. - If you are unsure, ask for the missing file/logs. Do not add any CDN script tags. Do not invent files.

RapidNative

npm install

Paste into RapidNative

You are configuring VybeSec in a RapidNative mobile project (React Native / Expo). Rules (do not skip): 1) Locate the real entry file. Common ones: - App.tsx / App.jsx - app/_layout.tsx (Expo Router) 2) Install: npx expo install @vybesec/react-native @react-native-async-storage/async-storage 3) Add BEFORE the app renders: import { init } from "@vybesec/react-native" init({ key: "pk_live_YOUR_KEY", platform: "rapidnative", environment: "production" }) 4) If there are multiple possible entry files, list them and ask which to use. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by evidence. - If you are unsure, ask for the missing file/logs. Do not add any CDN script tags. Do not invent files.

Create + Expo

npm install

Paste into Create + Expo

You are configuring VybeSec in a Create + Expo mobile project (React Native / Expo). Rules (do not skip): 1) Locate the real entry file. Common ones: - App.tsx / App.jsx - app/_layout.tsx (Expo Router) 2) Install: npx expo install @vybesec/react-native @react-native-async-storage/async-storage 3) Add BEFORE the app renders: import { init } from "@vybesec/react-native" init({ key: "pk_live_YOUR_KEY", platform: "create-expo", environment: "production" }) 4) If there are multiple possible entry files, list them and ask which to use. Error handling (mandatory): - If any error appears, quote the exact error, point to the file/line, and only propose fixes supported by evidence. - If you are unsure, ask for the missing file/logs. Do not add any CDN script tags. Do not invent files.

React Native

npm install

💡

Use @vybesec/react-native — not @vybesec/sdk. The mobile package includes RN-specific instrumentation (startup time, FPS, memory warnings, insecure HTTP detection) that the web SDK doesn't have.

npm install @vybesec/react-native @react-native-async-storage/async-storage
npx pod-install  # bare RN only

// App.tsx
import { init } from "@vybesec/react-native"
import AppRoot from "./src/AppRoot"

init({
  key: "pk_live_YOUR_KEY",
  platform: "react-native",
  environment: "production",
  enableVitals: true,   // app startup, screen render, JS FPS
  enableReplay: false,  // replay is browser-only
})

export default AppRoot

What gets captured automatically

✓Global JS errors

✓Unhandled promise rejections

✓Slow / failed network requests

✓App cold start time

✓Screen render speed

✓JS thread FPS drops

✓Insecure HTTP requests

✓Deep-link parameter leaks

✓AsyncStorage token exposure

✓Memory pressure warnings

Expo

expo install

npx expo install @vybesec/react-native @react-native-async-storage/async-storage

Expo Router — app/_layout.tsx

// app/_layout.tsx
import { init } from "@vybesec/react-native"
import { Slot } from "expo-router"

init({
  key: "pk_live_YOUR_KEY",
  platform: "expo",
  environment: "production",
  enableVitals: true,
})

export default function RootLayout() {
  return <Slot />
}

Classic Expo — App.tsx

// App.tsx
import { init } from "@vybesec/react-native"
init({ key: "pk_live_YOUR_KEY", platform: "expo", environment: "production" })

export default function App() {
  return <NavigationContainer>...</NavigationContainer>
}

// server sdks

Server-side monitoring

Your backend crashes silently. The browser never knows. Your users see a spinner that never resolves and you have no idea why.

What the client SDK misses — and the server SDK catches:

⬡Stripe webhook that silently fails to process payments

⬡Supabase edge function throwing on every auth callback

⬡API route returning 500 to all mobile users (browser shows nothing)

⬡Cron job timing out for 3 days straight

⬡Database query failing at 500 concurrent users

⬡OpenAI API call failing and catch block swallowing the error

Node.js

npm install⬡ server-side

Covers Next.js API routes, Express, Fastify, Hono, NestJS. Deployed anywhere Node.js runs — Vercel, Railway, Render, Fly.io, Replit.

npm install @vybesec/node

Next.js App Router — instrumentation.ts

Create this file at your project root (same level as package.json):

// instrumentation.ts
export async function register() {
  if (process.env.NEXT_RUNTIME === "nodejs") {
    const { init } = await import("@vybesec/node")
    init({
      key: process.env.NEXT_PUBLIC_VYBESEC_KEY!,
      platform: "nextjs",
      environment: process.env.NODE_ENV,
    })
  }
}

// next.config.ts — add this:
// experimental: { instrumentationHook: true }

Wrapping API route handlers

// app/api/checkout/route.ts
import { withVybesec } from "@vybesec/node/nextjs"

export const POST = withVybesec(async (req: Request) => {
  // your route logic
  return Response.json({ ok: true })
})

Express

import { init, vybesecErrorHandler } from "@vybesec/node"

init({ key: "pk_live_YOUR_KEY", platform: "other", environment: "production" })

const app = express()
// ... all your routes ...
app.use(vybesecErrorHandler())  // must be last
app.listen(3000)

Hono

import { Hono } from "hono"
import { init, vybesecMiddleware } from "@vybesec/node"

init({ key: "pk_live_YOUR_KEY", platform: "other", environment: "production" })

const app = new Hono()
app.use("*", vybesecMiddleware())
// ... your routes ...
export default app

Manual capture

import { captureException } from "@vybesec/node"

try {
  await stripe.charges.create(/* ... */)
} catch (err) {
  captureException(err, {
    route: "/api/checkout",
    method: "POST",
    statusCode: 500,
  })
  throw err // re-throw so the caller handles the response
}

Supabase Edge Functions

npm install⬡ server-side

Supabase Edge Functions run on Deno — not Node.js. Use @vybesec/deno. This is the most important server integration for Lovable and Bolt apps.

⬡

If you built with Lovable or Bolt and use Supabase, this is the integration that catches your backend crashes. Every auth callback, webhook handler, and edge function is invisible without it.

Step 1 — Create a shared helper file

Add this to supabase/functions/_shared/vybesec.ts:

// supabase/functions/_shared/vybesec.ts
import { init, withVybesec } from "npm:@vybesec/deno"

init({
  key: Deno.env.get("VYBESEC_KEY") ?? "",
  platform: "lovable",  // or "bolt", "other"
  environment: "production",
})

export { withVybesec }

Step 2 — Wrap each edge function

// supabase/functions/stripe-webhook/index.ts
import { serve } from "https://deno.land/std@0.168.0/http/server.ts"
import { withVybesec } from "../_shared/vybesec.ts"

serve(
  withVybesec("stripe-webhook", async (req: Request) => {
    const body = await req.json()
    // your existing webhook logic here
    return new Response(JSON.stringify({ ok: true }), {
      headers: { "Content-Type": "application/json" },
    })
  })
)

Step 3 — Set the secret

supabase secrets set VYBESEC_KEY=pk_live_YOUR_KEY

Repeat Step 2 for every edge function in your project — auth callbacks, email handlers, data webhooks, cron jobs. Each one wraps in under 30 seconds.

Paste into Lovable / Bolt (Supabase)

Add VybeSec monitoring to all my Supabase Edge Functions. 1) Create supabase/functions/_shared/vybesec.ts: import { init, withVybesec } from "npm:@vybesec/deno" init({ key: Deno.env.get("VYBESEC_KEY") ?? "", platform: "lovable" }) export { withVybesec } 2) For each edge function, import withVybesec and wrap the serve handler: import { withVybesec } from "../_shared/vybesec.ts" serve(withVybesec("function-name", async (req) => { // existing function logic here })) 3) Run: supabase secrets set VYBESEC_KEY=pk_live_YOUR_KEY If you hit any errors or cannot find the function files, stop and ask.

Cloudflare Workers

npm install⬡ server-side

For any backend running on Cloudflare Workers or Pages Functions. Use ctx.waitUntil() to ensure the error send completes before the response returns.

bun add @vybesec/cloudflare
# or: npm install @vybesec/cloudflare

// worker.ts
import { init, captureError } from "@vybesec/cloudflare"

export default {
  async fetch(request: Request, env: Env, ctx: ExecutionContext): Promise<Response> {
    init({
      key: env.VYBESEC_KEY,
      platform: "other",
      environment: "production",
    })

    try {
      return await handleRequest(request, env)
    } catch (err) {
      // waitUntil ensures the send completes even after response is returned
      ctx.waitUntil(captureError(err, { request }))
      return new Response("Internal Server Error", { status: 500 })
    }
  },
}

Add your key to wrangler.toml:

[vars]
VYBESEC_KEY = "pk_live_YOUR_KEY"

Python

pip install⬡ server-side

FastAPI, Flask, or Django backends deployed to Railway, Render, or Fly.io.

pip install vybesec

FastAPI

from fastapi import FastAPI
from vybesec import init
from vybesec.integrations.fastapi import VybesecMiddleware

init(key="pk_live_YOUR_KEY", platform="other", environment="production")

app = FastAPI()
app.add_middleware(VybesecMiddleware)

Flask

from flask import Flask
from vybesec import init
from vybesec.integrations.flask import init_flask

init(key="pk_live_YOUR_KEY", platform="other", environment="production")
app = Flask(__name__)
init_flask(app)

Manual capture

from vybesec import capture_exception

try:
    process_payment(user_id)
except Exception as exc:
    capture_exception(exc, route="/api/checkout", method="POST", status_code=500)
    raise

// sdk reference

SDK methods

Everything VybeSec captures is automatic once you call init(). These methods let you add extra context when you need it.

init(config)

Initialize the SDK. Call once at app startup — everything else is automatic.

Parameter	Type	Required	Description
key	string	Yes	Your public SDK key from the dashboard (starts with pk_)
platform	string	No	Your AI tool or framework — personalises fix prompt format. See Section 3 of SKILLS.md for the full ID list.
environment	string	No	Defaults to 'production'. Set to 'development' during local testing.
sampleRate	number	No	0–1. Default 1.0. Use 0.5 to capture 50% of events at high volume.
enableVitals	boolean	No	Capture Web Vitals (LCP, FCP, CLS, INP, TTFB). Default true.
enableReplay	boolean	No	Enable session replay. Only activates on Pro plan — silently ignored on Free/Starter.

captureError(error, context?)

Manually capture an error. Use inside try/catch blocks when you want extra context attached.

Example

try {
  await processPayment(order)
} catch (err) {
  VybeSec.captureError(err, {
    userId: user.id,
    orderId: order.id,
    amount: order.total.toString(),
  })
}

Parameter	Type	Required	Description
error	Error \| unknown	Yes	The error object to capture
context	Record<string, string>	No	Extra key-value pairs attached to this event — useful for order IDs, user states, feature flags.

captureMessage(message, level?)

Capture a custom message — for events that aren't errors but you still want to track, like a payment declining or a user hitting a rate limit.

Example

VybeSec.captureMessage("Payment declined — insufficient funds", "warning")
VybeSec.captureMessage("User hit rate limit on /api/search", "info")

Parameter	Type	Required	Description
message	string	Yes	The message to capture
level	'error' \| 'warning' \| 'info'	No	Defaults to 'info'

setUser(user)

Link errors to a specific user. Call after login so you know exactly who was affected by each error.

Example

// After your user signs in:
VybeSec.setUser({
  id: user.id,          // internal user ID — never use email or PII
  username: user.name,  // optional display name
})

// On sign out:
VybeSec.setUser(null)

Parameter	Type	Required	Description
id	string	Yes	Your internal user ID. Never pass email addresses or other PII.
username	string	No	Optional display name shown in the VybeSec dashboard.

// rest api

REST API

Authentication

Pass your secret API key as a Bearer token. This is your private key — keep it out of client-side code. It starts with sk_live_, not pk_live_.

Authorization: Bearer sk_live_YOUR_SECRET_KEY

Endpoints

GET/v1/projectsList all projects in your account

POST/v1/projectsCreate a new project

GET/v1/projects/:id/issuesList issues for a project (paginated)

PATCH/v1/projects/:id/issues/:fpUpdate issue status — resolved or ignored

GET/v1/projects/:id/analyticsGet analytics data for a time range

GET/v1/projects/:id/securityGet security health score and findings

POST/v1/projects/:id/alertsCreate an alert rule

DELETE/v1/projects/:id/alerts/:alertIdDelete an alert rule

Webhook events

Subscribe to events in project settings. VybeSec POSTs a signed JSON payload to your URL whenever one fires.

issue.newA new error type appears for the first time

issue.resolvedAn issue is marked resolved

issue.regressedA previously resolved issue reappears

alert.firedAn alert rule threshold is breached

security.findingA new security vulnerability is detected

digest.sentThe weekly digest email was delivered

On this page

Use this table of contents to move through the full integration guide without losing your place.

Getting started

AI builders

Agentic IDEs

Frameworks

Mobile

Server SDKs

SDK Reference

REST API