Seatbelt

Built for everyday people using agents for coding.

Engineer rails so you ship fast and safely. So you don't feel scared of stopping or sharing what the agent built. Seatbelt runs a Ship Read in about a minute. Fix lands in your agent. Flagged pushes park on a PR, not your live site.

Check. Fix. Again. Cleared to share. Commit with proof. About a minute.

Agent changed the build. Seatbelt is ready to check.

Check, fix, again, cleared. Six surfaces every pass. Step through. Play is optional.

After the agent

The build just changed

Checkout landed. Before you share, Seatbelt reads the artifact, not the agent's "we're done" story.

  • Checkout route added
  • Payments wired in
  • A key pattern in the public build

Ship Read

Not cleared to share. Hard gates open.

  • Login Sign in present. Route looks scoped. Info
  • Payments Checkout route found. Stripe shaped pieces. Soft
  • Secrets Key pattern in the public build. Hard
  • Customer data Profiles table referenced in ORM. Info
  • Databases ORM config found. No open admin UI. Info
  • Risky shortcuts Debug delete route still in tree. Soft

Back in your agent

Fix lands here

One tap sends the fix into Cursor or Claude. Run again before you share.

Fix in my agent

Re check

2 fixed. 1 verified.

Keys out of the public build and rotated. Debug route gone. Checkout ran end to end.

Cleared to share

Hard gates closed. Forward the proof when you are ready.

Report link withseatbelt.com/r/demo

View report
1 / 4 · Step with arrows

Who it's for

Seatbelt is a Ship Read for AI built apps with real risk. It is not a static site checker or a pentest.

Why CEOs care: An independent check you can share so engineering knows you didn't skip a look. Secondary to shipping fast.

How to use Seatbelt

Stay in the loop. Hand Seatbelt the build, get a Ship Read, Fix back in the same agent. Run it again each time you're about to ship.

  1. Give it the app

    Project folder or ZIP export. Not the agent's "we're done" story. Preview URL and git come next.

  2. Read the Ship Read

    About a minute on the scary surface areas. Plain English. Share link after every check.

  3. Fix in your agent

    One tap sends the fix to Cursor, Claude, or whatever you use. Then run again until you hear cleared to share.

  4. Commit with proof

    Say commit this safely or push my changes. Cleared commits carry the Ship Read link. Flagged pushes smart route to a PR so nothing scary lands on main.

What you type in the agent

Four commands. Check, fix, again, report. The agent offers a buckle after risky edits. You hear a one line verdict, up to three flags, then the next move. Fix ends with again until you are cleared to share. Pushing to a live site counts as shipping: say commit this safely or push my changes. Cleared commits carry the Ship Read link, flagged pushes get parked on a PR instead of main.

Loop

/seatbelt

seatbelt

Run a Ship Read on the project you just built. One line verdict, up to three flags, one next move.

MCP · seatbelt_scan · Alias: /seatbelt check · am I clear to share?

Pairs with

What happens

  1. Agent scans the app folder (no path quiz)
  2. You get a plain English verdict and report link
  3. After login, payments, or keys change, the agent may offer this first

Not silent on every message. You ask when you are about to ship, or the agent nudges after risky edits.

Include Seatbelt

Optional · no MCP

Paste this into agent rules on ChatGPT.com or other hosts without MCP. On Cursor or Claude, prefer MCP when it is live. This is the fallback.

Before you claim the app is done or ready to ship:
1. If Seatbelt MCP is configured: call seatbelt_scan on the project
   folder or ZIP export.
2. If MCP is not available: ask me for the export and run
   https://withseatbelt.com once. Do not treat your own summary as the report.
3. Reply with one line verdict, up to three flags, one next move.
4. For each flag with a fix prompt, apply it in this chat, then run
   again until I am cleared to share, or accept the risk.
5. When I ask you to commit or push and that deploys the site:
   check first. Cleared: commit with the Ship Read link in the
   message. Hard gates: branch and PR instead of main, fix, run
   again, then merge. Never commit an exposed key anywhere.

What the buckle watches

Scary surfaces on AI built apps, read as one system. Seatbelt skims structure clues on the folder or ZIP you share, then sends Fix into your agent.

  1. Ship Read
  2. Fix
  3. Share
  4. Next pass

Login and accounts

Sign in surfaces and who can see what. Hard stop only if private data looks wide open.

Info. Hard if exposed

Payments and money

Checkout, Stripe shaped pieces, webhooks. Soft fix so you verify before real charges.

Soft fix queued

Secrets and keys

API keys and env looking names in the build. Public leaks get a hard gate.

Hard if public

Customer data

Orders, profiles, emails, uploads. Soft note so you know the app holds people.

Info noted

Databases

ORM config, raw SQL concat, DB URLs in client, SQLite in public, open DB admin UIs. Structure clues only, not live probing.

Hard if careless

Risky shortcuts

Open admin, debug leftovers, delete everything routes. Hard stop when destructive.

Hard if destructive

Honest scope: Structure and clues on the folder or ZIP you share. Not a pentest. Not hacking production. Built for apps with login, money, or customer data, not plain HTML or static marketing sites.

Proof you can share

Every Ship Read ends in a report: what got flagged, what your agent fixed, and the pass that cleared it

You earn Verified by Seatbelt only after a real scan on an app with substance. Plain marketing pages that find almost nothing do not get a badge. It links to your report, not a sticker.

Verified by Seatbelt
Badge only after a real scan clears the scary gates

No magic. Here's what we check

Seatbelt does not hack your database or pretend to be a pentest. It reads the build you share, the way a careful friend would skim it.

A sixty second map so you keep shipping, not a vuln scoreboard or another CodeRabbit.

Questions

How do I add Seatbelt?

Start with Get started: install from the monorepo, run /seatbelt init for an optional .seatbelt/ latch, then /seatbelt for a Ship Read. Early access also has a browser path. Prefer MCP in Cursor for the daily loop. No MCP? One web scan, then paste fixes back. Optional fallback rule: Include Seatbelt.

What does Seatbelt check?

The scary surface areas on AI built apps: accounts, money, secrets, customer data, databases, and risky shortcuts. You hand it a project folder or ZIP. It skims that build. It does not hack production or read customer private data. See What the buckle watches.

Why not just ask ChatGPT?

ChatGPT (and your coding agent) will summarize what they think they built. Seatbelt reads the real project folder or ZIP you share, then gives you a shareable report and a Fix in agent path. Independent of the agent's "we're done" story. Stay in the loop and run it again before each ship.

I only built a marketing page. Do I need Seatbelt?

Probably not yet. If it only markets and does not hold real risk, you're usually fine. Seatbelt shines when the app does real things. If a scan finds almost nothing, we say so honestly. Run again when the product logs people in, takes money, or stores customer data.

Does this slow us down? Is my stuff private?

About a minute, then back to shipping. There is no review queue. Scans are ephemeral; we don't keep your source. Free during early access.

Get early access

Free while we build. Hand Seatbelt a folder or ZIP. About a minute of clarity in the build loop. Then keep shipping.

Get started See a sample report