One-time · MIT scanners included · Sample reports + fix SQL

5 BaaS auditors. 1 download. $99.

Skip the npm install dance. One ZIP gives you the CLI quickstart, sample HTML reports against intentionally-leaky fixtures, and fix-SQL libraries for every BaaS your team might be running.

🟢

Supabase

RLS · buckets · functions

🔥

Firebase

Firestore rules · storage

📦

PocketBase

Collection rules · auth

📝

Appwrite

Permissions · doc security

🔷

Hasura/Nhost

Roles · row filters

What's in the pack

→
5 sample HTML reports, one per BaaS, generated against intentionally-leaky test fixtures. Open in any browser, forward to your team, use as a template for your own audits.
→
Fix-SQL libraries — every CRITICAL/HIGH finding ships with copy-paste SQL (or Firestore rule snippet, or Hasura metadata YAML). Tested patterns, not chatgpt-fluff.
→
Quickstart docs — exact npx command for each scanner, common gotchas, CI integration example for GitHub Actions.
→
30-day Q&A — reply to the welcome email with any "is this exposed?" question. I read every one.
→
Free upgrade path to RLS Monitor ($29/mo recurring scans) — first month free if you bought the pack.

Pay once. Skip the npm install. Sleep better.

$99

Get the BaaS Security Pack →

After payment: instant email with the ZIP. 14-day moneyback, no questions.

Q&A

The scanners are MIT — why pay? You're paying for the curation + sample reports + fix-SQL library. npx supabase-security gives you raw JSON; the pack gives you the deliverable a dev manager actually forwards to their team.

One stack, do I still pay $99? If you're 100% sure you'll only ever run one, no — buy the $99 single-stack audit from the main page. Most teams have at least 2 BaaS lying around (Firebase auth + Supabase data, etc.) so the pack pays off.

Refund? 14 days, just email renzomacar@gmail.com. No forms.

Built by @Perufitlife · MIT scanners on npm: supabase · firebase · pocketbase · appwrite · nhost