Supabase Audit Buckets Public
Audits Supabase storage buckets for public access misconfigurations, detecting exposed sensitive content and improper access controls.
npx skills add https://github.com/yoanbernabeu/supabase-pentest-skills --skill supabase-audit-buckets-public| Installs | 231 |
|---|---|
| Repository | yoanbernabeu/supabase-pentest-skills ↗ |
What it does
Supabase storage buckets can be accidentally set to public, leaking sensitive user data.
Who is it for?
Solo builders who want to verify no Supabase storage buckets are accidentally public before shipping.
Skip if: Projects not using Supabase storage.
When should I use this skill?
Before shipping or after any storage configuration change.
What you get
A clear report of which buckets are public and what risks that poses.
- audit report
- list of misconfigured buckets
Related skills
Azure ComplianceRun Azure best-practice and compliance scans with azqr and audit Key Vault keys, secrets, and certificates before or after shipping workloads.396k1.2k
Openclaw Secure Linux CloudDeploy OpenClaw on a hardened Linux cloud VPS with rootless Podman and SSH-tunneled control UI access.221k61Entra Agent IdProvision Microsoft Entra Agent Identity blueprints and per-instance agent principals, then configure OAuth fmi_path and OBO token exchange for production AI agents.121k1.2k
Firebase Security Rules AuditorRed-team Firestore security rules after edits so solo builders catch update bypasses and authority bugs before production.48.9k345Firestore Security Rules AuditorRed-team Firestore security rules after edits so create/update gaps, authority spoofing, and abuse paths get caught before production.20.3k345
Skill VetterRun a conservative, manual-first security checklist on OpenClaw SKILL.md packages before installing from ClawHub, GitHub, or shared files.19.6k62