Supabase RLS
Supabase RLS scanner for multi-tenant SaaS
Find missing or weak Supabase Row Level Security policies before tenant data can cross workspace boundaries.
Built for
Teams using Supabase Auth, Postgres and tenant-scoped data. GoForLaunch focuses on practical launch blockers rather than enterprise-only vulnerability labels.
What gets checked
- Tables created without ENABLE ROW LEVEL SECURITY
- Policies that use USING(true) or WITH CHECK(true)
- Policies that do not reference auth.uid(), auth.jwt() or tenant membership claims
- Service-role keys that can reach browser or client-rendered code
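As an added illustration (not GoForLaunch's own code), the first three checks above can be sketched as a small scan over migration SQL. The sample migration, the table and policy names, and the `scan` helper are all constructed for this example.

```python
import re

# Constructed sample migration (assumption: not taken from any real project).
MIGRATION = """
create table public.workspaces (id uuid primary key, owner uuid);
create table public.invoices (id uuid primary key, workspace_id uuid);
create table public.notes (id uuid primary key, workspace_id uuid, body text);
create table public.audit_log (id bigint primary key, workspace_id uuid);

alter table public.workspaces enable row level security;
alter table public.invoices enable row level security;
alter table public.notes enable row level security;

create policy workspaces_owner on public.workspaces
  for all using (owner = auth.uid()) with check (owner = auth.uid());
create policy invoices_read on public.invoices
  for select using (true);
create policy notes_write on public.notes
  for insert with check (workspace_id is not null);
"""

TABLE = re.compile(r"create\s+table\s+(?:if\s+not\s+exists\s+)?([\w.]+)", re.I)
RLS_ON = re.compile(
    r"alter\s+table\s+(?:only\s+)?([\w.]+)\s+enable\s+row\s+level\s+security", re.I)
POLICY = re.compile(r"create\s+policy\s+(\w+)\s+on\s+([\w.]+)(.*?);", re.I | re.S)
ALWAYS_TRUE = re.compile(r"(using|with\s+check)\s*\(\s*true\s*\)", re.I)
IDENTITY = re.compile(r"auth\.(uid|jwt)\s*\(", re.I)

def scan(sql):
    """Return sorted (table, finding) pairs for the three SQL-level checks."""
    findings = set()
    protected = {t.lower() for t in RLS_ON.findall(sql)}
    # Check 1: a table is created but RLS is never enabled on it.
    for table in TABLE.findall(sql):
        if table.lower() not in protected:
            findings.add((table.lower(), "rls_not_enabled"))
    for name, table, body in POLICY.findall(sql):
        if ALWAYS_TRUE.search(body):        # Check 2: USING(true) / WITH CHECK(true)
            findings.add((table.lower(), f"{name}: always-true predicate"))
        elif not IDENTITY.search(body):     # Check 3: no caller identity in the policy
            findings.add((table.lower(), f"{name}: no auth.uid()/auth.jwt() reference"))
    return sorted(findings)

if __name__ == "__main__":
    for table, finding in scan(MIGRATION):
        print(f"{table}: {finding}")
```

A regex pass like this misses quoted identifiers and policies that delegate to a helper function, so treat a finding as a prompt to read the policy, not as a verdict.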
What you get back
- Separate true tenant-isolation bugs from routine launch cleanup
- Understand the business risk of each RLS finding
- Prioritize policies that protect customer data first