SupaShield
Catch Supabase RLS bugs before production
Pitch
SupaShield tests your Supabase RLS policies automatically.
Catches permission leaks, tests real user contexts, and runs in CI/CD.
Built after a Lovable app data leaked 13k of users' data - no more 2am debugging sessions.
Description
SupaShield - Automated RLS testing CLI for Supabase
Catch permission leaks before they hit production. Tests all CRUD operations, storage buckets, and real user contexts.
Why?
RLS testing is a pain. Manual testing doesn't scale, permission logic is error-prone, and security bugs are expensive to fix in production.
What it does
- Auto-discovers your schema and generates tests
- Tests all CRUD operations (SELECT/INSERT/UPDATE/DELETE)
- Tests storage bucket RLS policies
- Simulates real user contexts from auth.users
- Runs in CI/CD pipelines
- Exports to pgTap format
- 100% transactional (safe for production DBs)
Built after the Lovable app that leaked 13k of users' data - showed how easy it is to miss RLS bugs.
0 comments
No comments yet.
Sign in to be the first to comment.