Skip to main content
VibeAudit All posts

Product

Free scan vs. Reveal vs. Launch Pass: what you actually get

Published 2026-07-11

You should not have to buy a security report blind. VibeAudit starts with a visitor-initiated scan of a public app origin you are authorized to assess. There is no VibeAudit account, source upload, or card before the scoped result appears.

The three lanes answer three different jobs: decide whether anything needs attention, see exactly where the evidence points, or leave with fix guidance and verifiable launch artifacts. Here is the boundary between them.

Free: decide whether anything is worth unlocking

Free intentionally stops before exact locations, full evidence, remediation, coding-agent prompts, exports, and badge generation. It is enough to make an informed upgrade decision, not a complete paid report.

  • A scoped grade for the public surface that was actually observed.
  • Severity counts, issue categories, and permitted liability labels.
  • Concrete locked finding teasers so you can see that evidence exists before paying.
  • The scope statement and unsupported areas, which remain labeled Security Unverified.

Reveal - US$9 / CA$12 once: see exactly where

Choose Reveal when you can fix the issues yourself and mainly need the redaction removed. Reveal does not add remediation, copy-paste AI-fix prompts, Markdown or HTML export, the browser-local Launch File workflow, or a verifiable badge.

  • Every finding's exact location.
  • The full severity and evidence summary for the paid URL result.
  • A result bound to the same normalized exact origin that entered checkout.

Launch Pass - US$29 / CA$39 once: fix and prove

Choose Launch Pass when the next job is not just finding the issue but fixing it and carrying a checkable record into a launch. The owned-fixture demo stops before checkout, so it does not claim that a purchase, Launch File, entitlement, or badge was created in that recording.

  • Everything in Reveal for the authorized origin.
  • Remediation and copy-paste prompts for your own coding agent, such as Cursor, Claude Code, or Lovable.
  • Markdown and HTML exports of the paid URL result.
  • The separate browser-local Launch File and verifiable Launch Security Pass badge workflow.
  • Manual rescans included, rate-limited for abuse.

The 30-second choice

Reveal and Launch Pass are one-time purchases. Monthly Watch is optional and separate; it is not required to own either paid result.

  • Need a scoped triage result before deciding? Start Free.
  • Need exact locations and evidence, and you will fix it yourself? Choose Reveal.
  • Need remediation, coding-agent prompts, exports, and verifiable launch artifacts? Choose Launch Pass.

What none of the three lanes prove

None is a penetration test or a blanket security guarantee. A public URL scan cannot prove every authenticated authorization path, private dependency, business rule, or human process. Clean results are labeled Clear in Verified Scope, and anything unsupported remains Security Unverified.

Paid access also stays bound to the purchased origin. Buying a result for one app does not authorize or unlock a scan for another app.

Start with the evidence, not the checkout

Run the free scan first. You will see the scoped grade, severity counts, categories, and locked teasers before deciding whether Reveal or Launch Pass matches the job.

Questions people ask

Do I need a VibeAudit account or card for the free scan?
No. You enter a public app origin you are authorized to assess and see the scoped free result without a VibeAudit account, source upload, or card.
What is the practical difference between Reveal and Launch Pass?
Reveal removes the redaction so you can see exact locations and full evidence. Launch Pass adds remediation, coding-agent prompts, Markdown and HTML exports, plus the separate browser-local Launch File and verifiable badge workflow.
Are Reveal and Launch Pass subscriptions?
No. Reveal is US$9 / CA$12 once and Launch Pass is US$29 / CA$39 once. Monthly Watch is a separate optional subscription.
Can I use one paid result to scan a different app?
No. Checkout, entitlement, the success handoff, and the paid rerun preserve the normalized exact origin. A paid result for one origin cannot be reused for another.
Does any tier prove my app is secure?
No. Every tier reports evidence for a defined scope. Clean results are labeled Clear in Verified Scope, while surfaces that were not tested remain Security Unverified.

Check your launch, not your luck.

The free Thorough Scan runs against your live URL - severity counts and categories in about a minute, no code upload, no card.

Keep reading