Found 54 Skills
Test Row Level Security (RLS) policies for common bypass vulnerabilities and misconfigurations.
Analyze Supabase authentication configuration for security weaknesses and misconfigurations.
Attempt to read data from exposed tables to verify actual data exposure and RLS effectiveness.
Orchestrate a complete Supabase security audit with guided step-by-step execution and ownership confirmation.
Quick reference for all Supabase security audit skills with usage examples and command overview.
Generate a comprehensive Markdown security audit report with executive summary, findings, and remediation guidance.
Identify storage buckets that are publicly accessible and may contain sensitive data.
CRITICAL - Detect exposed PostgreSQL database connection strings in client-side code. Direct DB access is a P0 issue.
Extract the Supabase anon/public API key from client-side code. This key is expected in client apps but important for RLS testing.
Attempt to list and read files from storage buckets to verify access controls.
Detect if a web application uses Supabase by analyzing client-side code, network patterns, and API endpoints.
Discover and test Supabase Edge Functions for security vulnerabilities and misconfigurations.