Most AI-built apps ship with the same security hole — a Claude Code skill now catches it

Someone who does web development and SEO work, and regularly recommends clients build with AI tools including Claude, describes a pattern they keep seeing when reviewing handed-off code. Apps built with tools like Lovable, Bolt, or Cursor look finished, but about half the time they're one changed URL away from leaking every user's data.

The most common issue is a Supabase table with row-level security (RLS) turned off: anyone who loads the site can grab the anon key from the browser's network tab and then read and write the entire database directly from the browser, in about a minute. The second most common issue is a service_role key — meant to stay server-side — getting shipped in the client bundle because it was given a VITE_ prefix, which bypasses RLS entirely even after the first problem is fixed.

The author argues this isn't really a flaw in the AI tools themselves, since they're genuinely good at making things work; the gap is that they don't distinguish between an anon key being exposed (fine, by design) and RLS being off (critical). After repeatedly finding this same bug, they built a that checks for it before an app ships.

Key points

  • Most common bug: Supabase tables with RLS (row-level security) disabled let anyone read/write the whole database using just the public anon key
  • Second most common bug: a service_role key exposed in the client via a VITE_ prefix, which bypasses RLS entirely even after it's re-enabled
  • are good at making apps 'work' but don't flag this kind of security mis
  • A was built to automatically catch this issue before an app ships
Read original