Client Boot Flags

Feature Flag App

The app starts with unsafe feature flags in the browser, enabling admin affordances and auth bypass logic before any server confirmation exists.

Back to hub Reload scenario
Runtime flags

Expected Findings

  • Admin and bypass flags are client-side and default-enabled.

Primary Flows

  • UI config Feature flag JSON returned to the browser

Signals

Flags
window.FEATURE_FLAGS = { enableAdmin: true, bypassAuth: true }
Developed by vibe-eval.com for validation and testing purposes only.