Proof CS
Before and after.
Anonymized audits showing what AI leaves behind — and what it takes to ship. Every case is a real repo we received, diagnosed, and fixed.
Social app blocked by Apple under Guideline 2.5.2 for dynamic JS execution. Extracted core logic, compiled to native Swift, shipped in 11 days.
BEFORE - Dynamic code execution via embedded WebView
- Hallucinated npm dependency 'react-native-secure-vault'
- Hardcoded API keys in client bundle
AFTER ![verified]()
- Static Swift binary with zero dynamic execution
- Native Keychain integration for secrets
- Clean App Store approval on first resubmission
Fitness tracker MVP with O(n²) sync logic causing ANR crashes. Refactored to Room + WorkManager. Reduced battery drain by 62%.
BEFORE - Nested loops in Bluetooth sync service
- Main-thread network requests
- Unbounded local cache growth
AFTER ![verified]()
- Background WorkManager sync with coroutines
- Bounded LRU cache with eviction policy
- Play Store approval with 4.8★ launch rating
Fintech prototype rejected three times for privacy violations. Stripped unauthorized telemetry, implemented ATT protocols, passed in 6 days.
BEFORE - Undisclosed analytics to third-party LLM endpoints
- Missing App Tracking Transparency framework
- Insecure JWT storage in UserDefaults
AFTER ![verified]()
- Zero unauthorized telemetry
- Full ATT compliance with granular consent
- Keychain-secured token storage with biometric lock
Marketplace app with slopsquatting vulnerability in hallucinated 'stripe-react-hooks' package. Audited supply chain, replaced with official SDKs.
BEFORE - Dependency on non-existent npm package
- Client-side payment processing
- No input validation on listing creation
AFTER ![verified]()
- Verified dependency tree with lockfile pinning
- Server-side Stripe integration with webhook verification
- SQL injection prevention via parameterized queries
Content app with architectural drift between AI-generated frontend and backend. Refactored API contracts, added deterministic state management.
BEFORE - Inconsistent data models across 12 endpoints
- Race conditions in optimistic UI updates
- Missing offline state handling
AFTER ![verified]()
- Unified GraphQL schema with code generation
- Redux-style state machine with strict transitions
- Offline-first architecture with sync queue
Delivery app with memory leaks causing daily crashes. Implemented proper lifecycle management and leak-free architecture.
BEFORE - Activity context leaked in static references
- Unregistered LocationListener causing GPS drain
- Bitmap allocations without recycling
AFTER ![verified]()
- Application-scoped DI with Hilt
- FusedLocationProvider with lifecycle-aware callbacks
- Glide image loading with automatic bitmap pooling