Terms of Use
The baseline terms for using GhostCode Security's website, preliminary scan, intake flows, security materials, and professional services operated by Bink Holdings LLC.
Acceptance and authority
By using the website, submitting information, requesting a scan, booking a call, purchasing services, or interacting with GhostCode Security, you agree to these terms and confirm that you are authorized to submit the relevant systems for review.
Preliminary scans
Preliminary scan results are not a penetration test, vulnerability assessment, compliance audit, security certification, or guarantee. They may be incomplete, inaccurate, false positive, or false negative.
Authorized security work
Paid security work must stay within an agreed scope. Unless separately agreed in writing, services exclude denial-of-service testing, social engineering, destructive testing, malware, and unrelated third-party systems.
No complete security guarantee
Security work reduces risk but cannot guarantee complete security or that all vulnerabilities will be found, fixed, or prevented from appearing later.
Confidentiality and liability
Confidential information is handled with reasonable care. Liability, payment, refund, dispute, and service-specific terms may be further defined in a separate written agreement.
Before you scale traffic,make sure you are not scaling exposure.
Explore GhostCode
Scan
Run a preliminary exposure estimate for your AI-built SaaS and see recommended checks across Supabase RLS, auth, APIs, storage, webhooks, secrets, business logic, and admin routes.
Security Quiz
Take the free GhostCode Security Quiz to find likely blind spots in your AI-built SaaS and get the GhostCode Audit Checklist.
Audit Checklist
A practical SaaS security checklist for AI-assisted founders covering Supabase, auth, APIs, storage, secrets, webhooks, and business logic.
Services
Compare GhostCode Security services: GhostScan Audit, GhostFix Sprint, and GhostShield Retainer for AI-assisted SaaS teams.
Supabase Security
Supabase security audits for RLS policies, anon key exposure, storage buckets, service role handling, Edge Functions, APIs, and app permissions.
AI Code Security
Security audits for AI-generated SaaS built with Lovable, Bolt, Replit, Cursor, Claude, Codex, and similar AI-assisted development tools.
Case Studies
Coming soon: anonymized GhostCode Security teardowns covering exposed Supabase policies, public buckets, admin route leaks, API abuse paths, and payment or webhook issues.
Security
How GhostCode Security handles client data, access, confidentiality, findings delivery, retention, responsible disclosure, and preliminary scan boundaries.
Book
Book a GhostCode Security call to review your AI-built SaaS, likely exposure paths, access needs, and next security steps.