scan-fase-3

RLS exposure testing for Supabase.

Author: ricardoo022
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

Misconfigured Row Level Security (RLS) policies can lead to unintended data exposure on Supabase-backed apps. This skill provides a structured, repeatable method to validate RLS enforcement across REST and GraphQL interfaces, adapt to the schema discovered in FASE 2, and document exposure vectors for remediation.

Core Features & Use Cases

  • Tests RLS policies across common user tables using REST and GraphQL to detect data exposure.
  • Applies filter bypass, GraphQL bypass, and relationship traversal techniques to uncover weaknesses in policy coverage.
  • Produces structured results detailing tested tables, vulnerabilities found, and recommended mitigations for security teams.

Quick Start

Invoke with /scan-fase-3 {url} to begin RLS testing against the target application.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: scan-fase-3
Download link: https://github.com/ricardoo022/PentestAI-with-claude-code/archive/main.zip#scan-fase-3

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.