In this livestream, I wanted to have an honest talk about something that’s been bothering me for a while: the explosion of AI-assisted (and straight-up “vibe-coded”) self-hosted apps getting pushed into the community by well-meaning devs who don’t have a security background. AI tools have absolutely lowered the barrier to entry, and I’m not here to gatekeep development—but enthusiasm doesn’t replace secure coding practices. When you’re running random code on your homelab (and especially when you’re exposing it to the internet behind a reverse proxy), you’re taking on real risk. I also talked about the bigger ecosystem problem: YouTube pushing shorts, live streams, and AI slop, while long-form videos from creators who actually put in the work get buried. And on the self-hosting side, I’m seeing more “AI assisted app” posts popping up, and it’s honestly terrifying how many people will publish code without knowing whether they introduced basic vulnerabilities like XSS/CORS issues, leaks, or other security foot-guns. My takeaway is simple: self-hosting is awesome, but you’ve got to be picky—vet what you run, be careful what you expose, and don’t assume “it works” means “it’s safe.”