v0.2.0 ยท npm i -g flieger

One command turns localhost โ†’ a safe public URL.

We scan your code for leaked secrets, then open the tunnel. Built for humans and the agents shipping with them.

$ npx flieger share
Free forever No signup Works with Claude Code ยท Cursor ยท Cline
01 Problem

Shipping fast is great. Shipping secrets isn't.

AI coding tools put a public URL within reach in minutes โ€” and the safety step got skipped. There's no layer between localhost and the internet that knows what's in your code.

Minute 0

Your agent writes an API call

The model takes the easy path and inlines an OpenAI key directly in App.tsx.

Minute 4

You share the preview

ngrok, a Cloudflare tunnel, a quick deploy โ€” pick your flavor. None of them read your source.

Minute 60

A scraper has the key

Public URLs get crawled within minutes. Rotate-and-hope becomes the weekend plan.

02 Solution

flieger is the safety layer before your app goes public.

One command. No config. No Docker. No vercel.json. It scans first, then opens the tunnel โ€” and refuses to start if something critical is exposed.

What happens when you run it

  • 01Detect stack & port
  • 02Run the safety pass
  • 03Open Cloudflare tunnel
  • 04Hand you a URL + QR
02b How it compares

Same tunnel. A safety layer nobody else has.

flieger sits on top of Cloudflare's proven tunneling infrastructure. What's new is the gate โ€” the thing that runs before the URL goes public.

flieger
ngrok
cloudflared
One command, zero config
โœ“ yes
~ signup
โœ— flags
Scans code for leaked secrets
โœ“ yes
โœ— no
โœ— no
Blocks tunnel on critical finding
โœ“ Security Pro
โœ— no
โœ— no
Structured --json for AI agents
โœ“ first-class
~ API
โœ— no
Stable subdomain
โœ“ Pro โ‚ฌ9
~ $8+
~ domain req.
03 What it catches

Three checks. Zero LLM guessing. Nothing leaves your laptop.

Deterministic rules for the three ways vibe-coded apps get pwned most often. Every "my app leaked" thread on X starts with one of these.

01

Hard-coded API keys

Scans your source for OpenAI, Anthropic, Stripe, GitHub, Google, Slack, AWS keys. Flags plaintext hits so you can rotate before someone runs up your bill overnight.

02

Secrets in Git

Checks that .env is in .gitignore โ€” and that it wasn't committed earlier in your history. If it was, flieger tells you exactly how to rotate and scrub.

03

Wide-open CORS

Detects cors(), origin: '*', and friends โ€” configs that let any site on the web call your API from a logged-in user's browser.

For AI coding agents

Your agent can deploy apps without ever exposing secrets.

Tell it "ship this." It runs flieger share --json, reads the URL from a structured response, and paste-backs โ€” with any security findings already triaged. Non-interactive. Exit codes that mean something.

Claude Code Cursor Cline Aider
claude code
โ— online
you Deploy this so I can show it to Jenny.
claude

Done. Live at my-recipe-app.flieger.app.

I also fixed one issue โ€” your .env wasn't in .gitignore, so your Supabase service role key would have hit the next commit.

Tunnel stays up until you close this terminal.

04 Why it matters

Public apps are risky. AI-written ones are riskier.

The cost of a leak isn't theoretical โ€” and the rate at which code is produced has jumped an order of magnitude. The safety layer has to keep up.

Leaks cost real money
A single exposed API key can run up $5kโ€“$20k before you notice.

Scrapers hit new public subdomains in minutes, and rate limits don't save you on a fresh account.

Public = attack surface
Every share is an internet-facing endpoint.

Open CORS, missing auth, wide-open admin routes โ€” "it's just a demo" is the exact time these ship.

AI code moves faster than review
Agents write code in seconds, ship in minutes.

Human review is no longer the last gate โ€” so the gate has to be the tunnel itself.

05 Pricing

Start free. Upgrade when the pain becomes yours.

Free covers the CLI and all three safety checks. Paid tiers add a stable subdomain and a deeper scan engine.

Free
โ‚ฌ0 / forever
"I just want to share this quickly."
  • Unlimited flieger share
  • All 3 basic safety checks
  • Agent-friendly --json output
  • Random *.trycloudflare.com URL
  • One concurrent share
  • Laptop must be running
Install from npm
Pro ยท Workflow
โ‚ฌ9 / month
"I share daily and random URLs are embarrassing."
  • Everything in Free
  • Stable *.flieger.app subdomains
  • Up to 3 concurrent shares
  • Slug reservation โ€” nobody else can take your-app
  • Share history with per-share safety report
  • Cancel anytime ยท EU VAT included
Go Pro โ†’
Security Pro
โ‚ฌ19 / month
"Don't let me accidentally ship a secret again."
  • Everything in Pro
  • Deep scan engine โ€” AST-based, not just regex
  • Git history scan โ€” catches committed secrets
  • Dependency risk warnings
  • Pre-share gate โ€” blocks the tunnel on critical findings
  • CI integration โ€” flieger check --ci fails GitHub Actions on new leaks
Get Security Pro โ†’

all plans ยท cancel anytime ยท EU VAT included

06 FAQ

Questions people ask.

Can't find yours? Use the form below โ€” you'll actually get a reply.

Why not just use ngrok or Cloudflare directly?

You can. ngrok and cloudflared give you a tunnel; they don't check your code for leaks before opening it. flieger's point is the safety pass that runs first โ€” and the fact that it's one command instead of six flags.

Does flieger see my source code?

No. All scans run locally. The tunnel forwards HTTP traffic between Cloudflare's edge and your dev server โ€” flieger never reads, logs, or transmits your files. Open source: the published package is exactly what runs.

My AI agent wrote sketchy code. Will flieger catch everything?

No tool will. flieger catches the three biggest, most-common ways vibe-coded apps leak โ€” the ones on every postmortem thread. Deeper scans (RLS, rate-limit, cookie flags) are on the Pro roadmap. For the rest, you still need a human review โ€” flieger just makes sure the obvious stuff never ships.

Is the free tier actually free? Forever?

Yes. Free tunnels go through Cloudflare's Quick Tunnels, which are free for reasonable use. We don't charge for the free tier because there's nothing to charge for โ€” no servers, bandwidth, or storage on our side.

What happens when I close my laptop?

The URL stops. Pro gives you a stable slug โ€” your URL stays my-app.flieger.app across restarts โ€” but the tunnel still needs your laptop running. Persistent 24/7 tunnels are on the roadmap.

Can I use it with Python, Go, FastAPI, Hono?

Yes. The tunnel is language-agnostic. flieger auto-detects Next.js, Vite, SvelteKit, Nuxt, and Express; for anything else, pass --port 3000 (or whatever port your server is on).

How does the agent integration actually work?

Run flieger share --json in any agent environment โ€” Claude Code, Cursor, Cline, Aider. You get a single JSON object with the URL, tier, and safety report. The tunnel keeps running until the agent kills it. A native MCP server is coming; for now stdout JSON is the contract.

How do I cancel Pro?

Self-serve in your Lemon Squeezy customer portal โ€” link is in your receipt. Cancel anytime; you keep Pro through the billing period. No calls, no emails, no dark patterns.

07 Contact

Say hi.

Bug reports, feature requests, "can you make it detect X" โ€” drop a line. I read everything and usually reply within a day.

Ship the next thing. Without the 3am Stripe email.

One command. Free forever. No signup. Works in whatever agent you already have open.

$ npx flieger share
โ†’ npm โ†’ pricing โ†’ contact