Transparency
AI Disclaimer
Verilay uses AI to analyse code. Here is exactly what that means — the good and the limitations.
What AI Verilay uses
Verilay uses Claude, built by Anthropic — one of the leading AI safety companies. Claude reads your code files and generates security findings, plain-English explanations, and advice prompts.
What AI does well here
- ✅ Reads code and explains what it does in plain English
- ✅ Identifies common security patterns and anti-patterns
- ✅ Understands platform-specific patterns (Supabase, Replit, Firebase, Lovable)
- ✅ Generates safe investigative prompts tailored to your specific codebase
- ✅ Explains findings at different levels — technical and plain English
Known limitations
- ⚠️ False positives — may flag correct code as a potential issue
- ⚠️ False negatives — may miss genuine security issues
- ⚠️ File sample only — analyses up to 25 files, not your entire codebase
- ⚠️ Score variation — the same codebase may score slightly differently on different runs
- ⚠️ No code execution — reads code statically, cannot test actual runtime behaviour
- ⚠️ Not a penetration test — does not attempt to exploit vulnerabilities
How we reduce AI errors
Verilay includes extensive platform awareness rules — over 30 patterns that tell Claude what correct behaviour looks like for Lovable, Replit, Supabase, Firebase, Drizzle, NextAuth, Clerk, and more. These rules are updated continuously based on real-world false positives reported by users.
The verify feature lets you confirm findings with your AI builder and update the report — so the score reflects verified reality, not just static analysis.
When to get a professional review
Verilay is a first-pass overview. For apps that handle:
- Medical or health data
- Financial transactions or payment card data
- Personal data covered by GDPR or similar regulations
- Authentication for enterprise or B2B customers
we recommend a professional security review in addition to Verilay. Services like Snyk and CodeRabbit provide deeper analysis.
Anthropic responsible AI
Claude is built by Anthropic with a focus on AI safety and responsible deployment. Learn more at anthropic.com.