My project was compromised or Major Security bug. 11 days no response from Replit

So I believe it was the 12th of this month. I logged into my project and decided to do a basic walkthrough of the user registration workflow on my app. There is an age verification modal, and I’ve been on this project for a month. The modal wouldn’t work, so I asked for bug testing. The agent appeared confused, and this was implemented the first week of the project. It then asked for my API secrets, which are in my database. RED FLAGS WENT UP in my head. I asked what’s going on, and again the agent appeared unsure. I asked the agent to verify anyone logging in to the project and possible compromise or hack. The agent began some test that I’ve been informed was essentially the agent crashing and trying to recover itself. I immediately said stop and instructed no further work till I talked to support. I filed my ticket, then had my partner back up our code. 4 days later STILL NO RESPONSE FROM REPLIT? I spoke to the agent and asked it to do a check and inventory to get an idea of what’s going on. Agent discovered git lock in place. Filed a ticket ONCE AGAIN along with follow-up emails.

7 DAYS GO BY - still no God damn response or even acknowledgment of my concerns!!

Again another inventory and check-in with agent and discussion re API secrets. Agent discovered secrets had been removed! Now I’m panicking. Agent still confused; I had to re-explain the status of the project we had gotten to. We even had implemented webhook secrets. Agent was able to confirm webhook secrets were in place and safe, but this only confirms that this is either significant fraud or a major concern in the agent’s program. API secrets removed and agent crashing and unsure of the project details.

SENT SECURITY 2 EMAILS with agent’s summary of everything. It’s now Day 11.

WTF REPLIT. While I understand you’re dealing with the repercussions of a failed launch on agent 3 from my perspective, I’m greatly disappointed in the fact that my concerns have major security implications and I can’t get a simple “we’re working on it” from either department. I worked for 3 startups in the Silicon Valley; all are now public multi-million dollar companies. I know what busy and buried is, but never did we just flat out ignore customers.

11 Days - 5 emails from myself - 1 from my partner - possible financial security concerns.

Oh and to add to this I’m getting notifications of a failed payment. Well how about contacting me first. Yesterday when I logged in it was asking me to join as a new member. No unpaid invoice I can see my project but can’t test it. Today it’s normal with past amount due. But I’m very reluctant to pay if I can’t get a single response. Credit is due!

Anyone have any advice?

Hey there 👋

So sorry to hear you are encountering some issues and would love to see if we can help.
Can you please send me your submitted ticket number?

Their support is pretty terrible in general. What I have found is that they are often working on items behind the scenes but their communication is really bad. I’ve had tons of support tickets, ones that I believe are absolute Sev 1 show stoppers (I have one like that now) and they seem to be almost indifferent. I have to believe this is due to their stratospheric growth and they will get better, but in the meantime we all just suffer.


They’ve just raised $250m series C. So expect some of it to go on a big new support team. Fingers crossed.


I’m actually locked out of my project even though it’s paid in full with the screen telling me I have to pay more to keep it private and the advice I just got after my support clearly stated that the API secrets were removed webhooks remain. So clearly an API secrets was there. And a git lock is in place so I can’t do anything. The AI can’t tell who put git lock in place.

Hi sorry your response got buried. My ticket number is 165827.

Btw my account is paid in full and I can’t access my project because it’s telling me to join Replit core which I’ve been using for almost 2 months. So I can’t even check on my project right now.

They have horrific support. I’m on about day 9 or so waiting on a response as well. To be fair though, I finally got some movement on my project so my issue is partially resolved. It wasn’t doing anything at all a few days ago and at least now I’m getting some progress, but I did not get any response.

No worries at all and thanks for sending this over!
I went ahead and flagged this internally with the team and will also follow up via DM 🙂