Supabase RLS Security Scanner

Secure your
Supabase app
in 10 seconds.

Paste your project URL and API keys. Get a full RLS security report instantly.

Your API keys are used only for this scan and never stored.

Scan in progress...

01

Real Behavior Probes

Real HTTP requests verify anon key READ/WRITE access per table. No guessing — actual responses.

02

Keys Never Stored

Your API keys are used in-memory for the scan only. Never logged, never persisted. The scan result contains no credentials.

03

One-click Fix SQL

Every unprotected table gets a ready-to-run SQL policy with a direct link to your Supabase SQL editor.

Ship secure.
Scan before you deploy.

Scan for free