Your Supabase app is leaking. Find out before your users do.

Supabase misconfigurations fail silently. We catch them across Database, Auth, Storage, Edge Functions, and Realtime. The scan is free. The fix is free. We only charge if you want us to keep watching.

$ npx argus scan

▲ Argus v1.2.0 — Supabase Production Readiness Check

Connecting to project... acme-prod-db

Scanning RLS policies .............. done

Scanning public tables ............. done

Scanning storage buckets ........... done

Scanning key exposure .............. done

✗ CRITICAL public.users — RLS disabled, 12,847 rows exposed

✗ CRITICAL public.payments — SELECT open to anon role

⚠ WARNING storage/avatars — bucket is public, no policy

⚠ WARNING supabase_anon_key found in client bundle

Applying fix: enable RLS on public.users ........... ✓

Applying fix: restrict SELECT on public.payments ... ✓

Applying fix: set avatars bucket to private ........ ✓

Applying fix: rotate exposed anon key .............. ✓

✓ 4 vulnerabilities found

→ Fix written to supabase/migrations/argus_fix.sql

Run npx argus fix to apply — review it first.

THE SILENT THREAT

Your backend is probably broken right now.

YOUR DASHBOARDALL SYSTEMS GREEN

Database: Healthy

Auth: Active

Storage: 2 buckets

ARGUS SCAN3 CRITICAL ISSUES

✗public.users: RLS disabled

✗anon_key exposed in bundle

✗/avatars bucket is public

HOW IT WORKS

How the Supabase Production Readiness Check works.

FREE

STEP 1

Run the scan

$ npx argus scan

We check your Supabase setup for exposed tables, leaked keys, and missing RLS policies. You get a report showing exactly what’s public and why.

FREE

STEP 2

Apply the fix — free

$ npx argus fix

The scan writes a migration file to supabase/migrations/argus_fix.sql. Review it, push it, done. Argus generates exact policies for your schema — not generic templates. No manual edits. No guessing.

$49/mo

STEP 3

We watch your repository so you don’t have to.

Every new table, every migration, every RLS change — checked before it ships. If something looks exposed, we flag it with the fix included. A full security report in your inbox every week.

Continuous Backend Watch

We keep watch. You keep shipping.

argus runs silently. every schema change, every new table, every RLS edit reviewed before it reaches production. A full security report lands in your inbox every week. One thing permanently off your mind.

$49/month — cancel anytime

Frequently Asked Questions

Does this work with any Supabase project?

Yes. Argus works with any Supabase project (hosted or self-hosted) by analyzing your production URL and public API configuration.

Will the fix break my app?

What does monitoring actually watch for?

What's the difference between the free scan and the paid plan?

Fix It

Your backend is probably leaking right now. Find out in 60 seconds.