supabase misconfiguration scanner
Supabase misconfiguration scanner for safer launches
Find the Supabase settings that commonly expose app data before launch, including RLS gaps, public buckets, leaked keys, and unsafe auth rules.
6 min read
Blog
Security guides for
vibe-coded apps.
Practical, no-jargon guides to help you find and fix the vulnerabilities AI leaves behind.
supabase rls checker
Supabase RLS checker: review policies before launch
A practical guide to reviewing Supabase row level security policies, testing app roles, and catching public data exposure before launch.
7 min read
supabase security scan
Supabase security scan checklist before you launch
A practical prelaunch checklist for Supabase apps covering RLS, exposed keys, auth flows, storage buckets, secrets, and public attack surface.
8 min read
detect leaked credentials in javascript
Detect leaked credentials in JavaScript before launch
A practical prelaunch guide to finding exposed keys, tokens, and secrets in browser-delivered JavaScript before attackers or users find them.
7 min read
public secret exposure check
Public secret exposure check before launch
A practical launch checklist for finding public leaks in web apps, JavaScript bundles, environment files, source maps, and deployed pages.
7 min read
frontend api key leak
Frontend API key leak: find and fix it before launch
A practical guide to finding browser-exposed keys, judging real risk, rotating affected credentials, and preventing repeat leaks before launch.
6 min read