You asked AI to build checkout. You click buy, the charge goes through, you shipped. What you actually shipped lets a customer decide their own price — including zero — and walk away paid in full.
What you shipped
The handler reads the price from the request and charges it:

The price came from the browser, which means it came from the customer, which means it’s whatever they want it to be.
How anyone exploits it
They open devtools, find the checkout request, and change one number:
{ "itemId": "pro-plan", "price": 0 }
Your server charges what it was told — zero — and marks the order paid. Same trick works for any amount: 1, -50, a competitor’s discount they never earned.
Why you won’t catch it
Through your UI, the price is always the real one, so every test and demo charges correctly. The tampered value only appears when someone talks to the API directly — which an attacker does and a normal test never does.
Why AI does it
The cart already knows the price, so passing it to the server is the shortest path to “charge the right amount.” Re-deriving the price server-side is an extra step the happy path runs fine without.
The fix is one line
Never trust a price from the client. Look it up on the server:

const price = await getPrice(itemId) // server is the source of truth
charge(user, price)
The client may say what to buy; the server decides what it costs.
Check your app
- Prices, totals, and discounts are computed on the server from IDs, never accepted from the request.
- Coupon and quantity values are validated server-side (no negatives, no reuse).
- The amount charged is recomputed at charge time, not echoed back from the cart.
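The trusting handler beside its server-side replacement, covering the one-line fix above and the three checklist items, as an added example (not code from the post or from Velify); the catalog, the coupon table and the function names are assumptions standing in for the real lookup:

```javascript
// Constructed catalog and coupon table standing in for the server-side lookup
// (the post's getPrice). Hypothetical data; prices are in cents.
const CATALOG = { "pro-plan": 4900, "team-plan": 19900 };
const COUPONS = { LAUNCH10: { percentOff: 10, usesLeft: 1 } };

// The version the post warns about: whatever price the request carries is
// what gets charged, so a tampered body sets its own total.
function computeChargeTrusting(body) {
  return body.price * (body.quantity ?? 1);
}

// Hardened version: the client names what to buy, the server decides the cost.
// body.price is never read; quantity and coupon are validated here, not echoed.
function computeChargeServerSide(body, coupons = COUPONS) {
  const unitPrice = CATALOG[body.itemId];
  if (unitPrice === undefined) throw new Error("unknown item");

  const qty = body.quantity ?? 1;
  if (!Number.isInteger(qty) || qty < 1 || qty > 100) {
    throw new Error("bad quantity"); // rejects 0, negatives, floats, huge orders
  }

  let total = unitPrice * qty; // recomputed at charge time from IDs only
  if (body.coupon !== undefined) {
    const c = coupons[body.coupon];
    if (!c || c.usesLeft < 1) throw new Error("invalid or exhausted coupon");
    c.usesLeft -= 1; // single use is enforced on the server, not in the cart
    total = Math.round((total * (100 - c.percentOff)) / 100);
  }
  return total;
}
```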
The bigger problem
A senior dev never lets the client set a price. But if nobody senior reads the code, the trusting version ships — it works in every test, because the UI always sends the real number. The author and reviewer are the same model with the same blind spot.
That’s the gap Velify is built to close: it reads your project and flags exactly this, in plain language, no terminal.
