This AI-built app leaked every user's email. Here's the line.

A founder generated a CRM in a weekend. It worked in the demo. It shipped on Friday.

The /api/contacts route never checked who was asking. Any logged-in user could read every other tenant’s rows by incrementing an id. 14,000 records. Nobody read the diff that removed the tenancy guard — the agent ‘simplified’ the query and the human approved the green checkmark, not the code.

The line that killed it: the where org_id = $current clause the refactor dropped. One line. No review caught it because no one read the review.