Browse categories
Explore
Fiverr Pro
English
$
USD
I will fix supabase rls and test for data leaks in your app
Monzurul H
About this gig
Is your SaaS or web app leaking private user data?
Most apps built with Supabase or AI tools (Lovable, Bolt, Cursor) have hidden access control issues:
Users can access other users' data
For example, changing an ID or URL may expose private records, invoices, or account data.
What I check
- Can one user access another user's data
- Are your APIs exposing private data
- Do your backend rules actually block unauthorized access
What you get
- Simple Pass/Fail result
- Proof if a data leak exists
- Clear explanation of the issue
- Basic guidance on the issue
Best for
- AI-built apps (Lovable, Bolt, Cursor, Replit)
- Supabase / Firebase backends
- SaaS apps with user accounts
Important
- This is a testing-only service.
- I do not fix or build systems in these packages.
- I identify data leaks and explain the risk clearly.
Quick check before launch can prevent serious problems later.
Get to know Monzurul H
Monzurul H
Hardening AI Built SaaS MVPs Supabase RLS and Automation Reliability
- FromBangladesh
- Member sinceJul 2017
- Last delivery1 year
Languages
English
Most AI-built apps (Cursor, Bolt, Lovable, v0) have one hidden risk: users can sometimes access data they shouldn’t.
I test AI SaaS apps to check if user data is properly isolated and protected.
My focus is simple:
– Can User A access User B’s data?
– Are API endpoints properly protected?
– Do your backend rules actually enforce access control?
I specialize in Supabase-based apps and multi-user SaaS systems where data separation is critical.
Clear testing. Clear results. No unnecessary complexity.
My Portfolio
FAQ
Q: Do you need full access to my database?
No. API access or test account(s) are enough for testing.
Q: Do I need to provide two user accounts?
Not required, but recommended. It helps properly test if users can access each other’s data.
Q: Will you fix the issues you find?
I provide clear fix guidance. Implementation can be discussed separately after testing.
Q: What if no data leak is found?
You’ll receive a clean Pass report confirming your tested endpoints are secure.
Q: What exactly do you test?
I test if one user can access another user’s data, and if your API or backend exposes data publicly.
Q: Is this safe for my app and data?
Yes. I only test access behavior safely without modifying your system.
