What is AI vibe coding?

AI vibe coding is a new approach to software development where you describe your app in natural language and AI builds it for you. AppMuse takes this concept to mobile — generating real native iOS and Android apps with Flutter, complete with a backend and database.

Can AppMuse build real App Store apps?

Yes. AppMuse generates real Flutter applications that compile to native ARM code for both iOS and Android. You can publish directly to the Apple App Store and Google Play Store.

How is AppMuse different from Lovable?

Lovable builds web apps (React + Supabase). AppMuse builds native mobile apps (Flutter + Node.js + PostgreSQL). AppMuse apps run natively on iOS and Android with full access to device features like camera, push notifications, and offline-first local storage with queued sync.

Do I need coding experience?

No. AppMuse is designed for everyone — from entrepreneurs with an idea to experienced developers who want to move faster. The AI handles all the code generation, and you own everything it produces.

What tech stack does AppMuse use?

AppMuse generates Flutter (Dart) for the mobile app, Node.js (TypeScript) for the backend, and PostgreSQL for the database. It includes authentication, REST APIs, and file uploads out of the box.

Is my code locked in to AppMuse?

No. You own 100% of the generated code. Download it as a ZIP, sync to GitHub, and deploy anywhere. Your app works independently of AppMuse — no subscription required to keep what you built.

AppMuse

Features How it works Pricing Blog About Support

Security

Vulnerability disclosure.

We take security seriously. If you have discovered a vulnerability in any AppMuse service, please follow the policy below so we can acknowledge, triage, and fix the issue safely.

Reporting a vulnerability

Email security@appmuse.dev with a clear description of the vulnerability, steps to reproduce, and any proof-of-concept or impact assessment. Please include the affected URL or component and any environment details that help us reproduce.

Our machine-readable disclosure metadata follows RFC 9116 and is published at /.well-known/security.txt.

Response times

Acknowledgment of receipt within 2 business days.
Initial triage and severity assessment within 5 business days.
Status updates at minimum every 14 days until resolution. Critical issues prioritized with immediate mitigation when feasible.

Scope

The following assets are in scope for security research:

appmuse.dev and www.appmuse.dev (marketing site, web app)
api.appmuse.dev (platform API)
The AppMuse desktop companion app (Windows + macOS releases)

The following are explicitly out of scope:

Third-party services we depend on (Scaleway, Cloudflare, Stripe, GitHub, Anthropic, OpenAI, Google, Sentry). Report to those vendors directly.
User-generated content inside AppMuse projects (apps the user builds with our platform). The user owns that code.
Findings that require a privileged AppMuse account, social engineering, physical access, or denial of service.
Findings on staging environments unless they reveal a vulnerability that affects production.

Safe-harbor

We will not pursue legal action against researchers who follow this policy in good faith. Specifically, you must:

Make a good-faith effort to avoid privacy violations, destruction of data, or service interruption.
Only access accounts you own or have explicit permission from the account holder to test.
Give us reasonable time to investigate and remediate before any public disclosure.
Not exploit a discovered vulnerability beyond what is necessary to confirm its existence.

Bounty

AppMuse does not currently operate a paid bug-bounty program. We will publicly acknowledge researchers who report valid vulnerabilities (with their permission) and may offer swag or credits as a token of appreciation. A formal bounty may be introduced later — security.txt will be updated when that happens.

Encryption

For sensitive disclosures we recommend PGP. Our public key will be published at/security-key.asc when available. Until then, plain email to security@appmuse.dev is acceptable; we will respond from the same address.

We use cookies for authentication and to improve your experience. Privacy Policy