SupaShield

v0.1.0 | MIT License

Test your Supabase RLS policies

Catch Supabase RLS security vulnerabilities before they reach production.
Find permission bugs before your users do.

Quick Install
npm install -g supashield

RLS Testing is Broken

Deployed with confidence, only to find users can see each other's data.

Data Leaks

RLS policies fail silently. One bug exposes all user data.

Compliance fines, customer churn

Manual Testing

Testing by hand doesn't scale. Complex logic breaks.

Hours wasted, bugs slip through

No Visibility

Deploy hoping policies work. No way to verify.

Deploy anxiety, uncertainty

Expensive Fixes

Production bugs need emergency hotfixes.

10x more expensive than catching early

35% of all cyber incidents are caused by security misconfigurations

How it works

Policy Testing

Test all CRUD operations against your RLS policies with different user roles.

Schema Discovery

Automatically finds your tables and generates test scenarios.

Real User Testing

Test with actual JWT claims to validate that permissions work correctly.

CI Integration

Run tests in your deployment pipeline to catch issues early.

Example output

$ supashield test
Testing public.users:
anonymous_user:
SELECT: ALLOW (expected DENY) - FAIL
INSERT: DENY (expected DENY) - PASS
authenticated_user:
SELECT: ALLOW (expected ALLOW) - PASS
INSERT: DENY (expected ALLOW) - FAIL
2 passed, 2 failed
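
The two FAIL lines above are not the same kind of bug: one is a data exposure (ALLOW where DENY was expected), the other a blocked legitimate operation. The following is an added example, not part of SupaShield, that separates the two for a CI gate; the function names are hypothetical, and the line format is assumed from the sample output above rather than from a documented interface.

```shell
#!/bin/sh
# Added example, not SupaShield code. Parses report text shaped like the
# "Example output" on this page (format assumed from that sample only).

# Copy of the page's sample report, embedded so the example runs offline.
sample_report() {
  cat <<'EOF'
$ supashield test
Testing public.users:
anonymous_user:
SELECT: ALLOW (expected DENY) - FAIL
INSERT: DENY (expected DENY) - PASS
authenticated_user:
SELECT: ALLOW (expected ALLOW) - PASS
INSERT: DENY (expected ALLOW) - FAIL
2 passed, 2 failed
EOF
}

# Reads a report on stdin and prints one line per FAIL:
#   EXPOSURE <table> <role> <op>  policy allowed what should be denied
#   BLOCKED  <table> <role> <op>  policy denied what should be allowed
classify_rls_report() {
  awk '
    /^[ \t]*Testing / { table = $2; sub(/:$/, "", table); next }
    /^[ \t]*[A-Za-z_][A-Za-z0-9_]*:[ \t]*$/ { role = $1; sub(/:$/, "", role); next }
    /- FAIL[ \t]*$/ {
      op = $1; sub(/:$/, "", op)          # "SELECT:" -> "SELECT"
      got = $2                            # actual result
      want = $4; sub(/\)$/, "", want)     # "DENY)" -> "DENY"
      kind = (got == "ALLOW" && want == "DENY") ? "EXPOSURE" : "BLOCKED"
      print kind, table, role, op
    }
  '
}

# Gate for a pipeline step: 0 = clean, 1 = only BLOCKED, 2 = any EXPOSURE.
# In CI (assumes the report goes to stdout): supashield test | rls_gate
rls_gate() {
  findings=$(classify_rls_report)
  [ -z "$findings" ] && return 0
  printf '%s\n' "$findings" >&2
  if printf '%s\n' "$findings" | grep -q '^EXPOSURE '; then
    return 2
  fi
  return 1
}
```

Treating status 2 as a hard stop and status 1 as a normal test failure keeps a policy that leaks rows from being triaged like an ordinary functional regression.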

Installation

Install globally with npm
npm install -g supashield

Usage

Discover tables and generate tests
supashield init
Test all RLS policies
supashield test
Test specific table
supashield test --table public.users
Test with real user context
supashield test --as-user admin@company.com
List users from auth.users for testing
supashield users