auth() rls api rolepolicy row jwt keybucket rpc scan logroute hook id paytoken edge user file
SaaS security quiz

Is your AI-built SaaSquietly exposed?

Answer 5 quick questions and get the free GhostCode Audit Checklist - a founder-friendly security checklist to fix the most common issues before attackers find them.

Preview Checklist

Takes 60 seconds. No code access required. No fake pentest claims.

ghostcode://audit-checklist

The GhostCode Audit Checklist

Supabase / Database

Review RLS, policies, RPC permissions, service role handling, and row ownership.

Auth & Sessions

Verify protected routes, admin checks, reset flows, callbacks, and role changes.

APIs & Endpoints

List public endpoints, test direct calls, check authorization, rate limits, and ID access.