Hey, I'm Vibhek.
Welcome to OpenDoors. This is my logbook for security research, backend engineering, and the production lessons that surface while building real systems.
Latest posts
-
Zero Auth, Full Control: The Risks of Open Claude Code Web UIs
A security analysis of open-source web UIs for Claude Code. Finding unauthenticated RCE, path traversal, and client-side auth bypasses in community projects.
-
The Hidden Risks of Exposed LM Studio Servers
Investigating how LM Studio's local server feature can expose your AI models to the public internet, and how to secure it.
-
Exposing the Risks of Open Ollama APIs
How the popular Ollama API service can be exposed to the internet if not secured, and practical steps to protect your machine from unauthorized access.
-
OpenCode Web: Great Tool, Dangerous Default
OpenCode is a powerful multi-LLM alternative to Claude Code. But its web interface can be a security nightmare if not configured correctly. Here's how to secure it.