Audit any Hasura instance (or Nhost project) for permissive role permissions, missing row-level scoping, and public GraphQL leaks. An active probe confirms each suspected leak by sending an unauthenticated GraphQL query and reporting what comes back.
▶ Run it without installing anything → apify.com/renzomacar/nhost-security-auditor (paste Hasura endpoint + admin secret, get HTML report)
⚡ Want me to run it for you and send back a written report? $99, 24h delivery → https://perufitlife.github.io/supabase-security-skill/ (one landing covers all five — Supabase, PocketBase, Appwrite, Hasura, Firebase)
🔁 Want this running on a cron? RLS Monitor does weekly diff-based scans + email alerts when new findings appear — $29/mo, your keys never leave your CI.
📦 Need all 5 BaaS stacks at once? The BaaS Security Pack bundles every scanner + sample reports + fix-SQL libraries — one $99 download.
🪞 Sister tool: aitells detects + rewrites AI fingerprints in your text (em-dashes, "delve", parallel bullets). Free detector + $19 lifetime rewriter at /rewrite.
Sister tools for other BaaS platforms (same `--discover` flag, all MIT): supabase-security · pocketbase-security · appwrite-security · firebase-security
Hasura's permission model is powerful but easy to leave too open. The patterns I see most often:

- `anonymous` role with an open SELECT permission: any unauthenticated request can query the table. Often a leftover from local dev.
- `user` role with an empty filter `{}`: in Hasura an empty filter matches every row, so any signed-up user can read, update or delete every row, ignoring ownership. The filter should usually scope rows to the caller, e.g. `{ user_id: { _eq: "X-Hasura-User-Id" } }`.
- SELECT permission with all columns: exposes sensitive columns (`password_hash`, `internal_notes`) the role does not actually need. Use an explicit column allowlist per role.
- Public schema introspection: anyone can map your entire data model, and the root fields the anonymous role is permitted to see, without auth.
```shell
HASURA_ENDPOINT=https://my.hasura.app \
HASURA_ADMIN_SECRET=$ADMIN_SECRET \
npx nhost-security --html report.html
```

For Nhost projects the endpoint is `https://<subdomain>.hasura.<region>.nhost.run`.
| # | Check | Severity |
|---|---|---|
| 1 | `anonymous` role has open SELECT permission | CRITICAL |
| 2 | `anonymous` role has INSERT/UPDATE/DELETE permission | CRITICAL |
| 3 | `user` role has SELECT/UPDATE/DELETE without row-level filter | HIGH |
| 4 | Permission exposes all columns (no allowlist) | MEDIUM |
| 5 | GraphQL introspection enabled for anonymous | MEDIUM |
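The permission patterns above and checks 1 to 4 in the table can be evaluated offline against a Hasura metadata export. The script below is an added example and not the nhost-security project's own code; it assumes the metadata v3 shape returned by the `export_metadata` API (`sources[].tables[]` with `select_permissions`, `insert_permissions`, `update_permissions`, `delete_permissions` arrays of `{ role, permission }`), and the metadata it runs on is constructed for illustration. `SENSITIVE_COLUMNS`, `auditMetadata` and `HARDENED_USER_SELECT` are names chosen for this example.

```javascript
// Added example, not code from the nhost-security project: checks 1-4 from the
// table above, run over a Hasura metadata export. Shape assumed is metadata v3 as
// returned by the `export_metadata` API: sources[].tables[] carrying
// select_/insert_/update_/delete_permissions arrays of { role, permission }.
// SAMPLE_METADATA is constructed for this example.

// Column names treated as sensitive (assumption: tune this list for your schema).
const SENSITIVE_COLUMNS = ['password_hash', 'internal_notes'];

// In Hasura an absent or empty filter `{}` means "every row".
function isOpenFilter(filter) {
  return filter == null ||
    (typeof filter === 'object' && Object.keys(filter).length === 0);
}

function qualifiedName(entry) {
  const { schema, name } = entry.table;
  return schema ? `${schema}.${name}` : name;
}

// Returns findings as { check, severity, table, role, op, detail }.
function auditMetadata(metadata) {
  const findings = [];
  const add = (check, severity, table, role, op, detail) =>
    findings.push({ check, severity, table, role, op, detail });

  for (const source of metadata.sources || []) {
    for (const entry of source.tables || []) {
      const table = qualifiedName(entry);
      const byOp = {
        select: entry.select_permissions,
        insert: entry.insert_permissions,
        update: entry.update_permissions,
        delete: entry.delete_permissions,
      };
      for (const [op, list] of Object.entries(byOp)) {
        for (const { role, permission } of list || []) {
          if (role === 'anonymous' && op === 'select') {
            add(1, 'CRITICAL', table, role, op, 'anonymous role can SELECT');
          } else if (role === 'anonymous') {
            add(2, 'CRITICAL', table, role, op, `anonymous role can ${op.toUpperCase()}`);
          } else if (role === 'user' && op !== 'insert' && isOpenFilter(permission.filter)) {
            // select/update/delete scope rows with `filter`; insert uses `check` instead
            add(3, 'HIGH', table, role, op, `${op.toUpperCase()} with filter {} ignores ownership`);
          }

          // Check 4: "*" means no column allowlist; an explicit list is also
          // flagged when it includes a known sensitive column.
          if (permission.columns === '*') {
            add(4, 'MEDIUM', table, role, op, 'all columns exposed (no allowlist)');
          } else if (Array.isArray(permission.columns)) {
            const hits = permission.columns.filter((c) => SENSITIVE_COLUMNS.includes(c));
            if (hits.length) add(4, 'MEDIUM', table, role, op, `sensitive columns exposed: ${hits.join(', ')}`);
          }
        }
      }
    }
  }
  return findings;
}

// Constructed sample: `orders` is leaky, `profiles` is scoped correctly for `user`.
const SAMPLE_METADATA = {
  version: 3,
  sources: [{
    name: 'default',
    kind: 'postgres',
    tables: [
      {
        table: { schema: 'public', name: 'orders' },
        select_permissions: [
          { role: 'anonymous', permission: { columns: '*', filter: {} } }, // leftover from local dev
          { role: 'user', permission: { columns: ['id', 'user_id', 'total', 'internal_notes'], filter: {} } },
        ],
        delete_permissions: [{ role: 'user', permission: { filter: {} } }],
      },
      {
        table: { schema: 'public', name: 'profiles' },
        select_permissions: [
          { role: 'user', permission: { columns: ['id', 'user_id', 'display_name'],
                                        filter: { user_id: { _eq: 'X-Hasura-User-Id' } } } },
        ],
        update_permissions: [
          { role: 'anonymous', permission: { columns: ['display_name'], filter: {}, check: {} } },
        ],
      },
    ],
  }],
};

// The fix for orders/user: an explicit column allowlist plus an ownership filter.
const HARDENED_USER_SELECT = {
  role: 'user',
  permission: {
    columns: ['id', 'user_id', 'total'],
    filter: { user_id: { _eq: 'X-Hasura-User-Id' } },
  },
};

// Audit one permission in isolation (used to confirm the hardened one is clean).
function auditSinglePermission(table, op, perm) {
  const entry = { table: { schema: 'public', name: table } };
  entry[`${op}_permissions`] = [perm];
  return auditMetadata({ version: 3, sources: [{ name: 'default', tables: [entry] }] });
}

console.table(auditMetadata(SAMPLE_METADATA));
```

Against the constructed metadata this reports six findings (two CRITICAL for the `anonymous` permissions on `orders` and `profiles`, two HIGH for the `user` role's unfiltered SELECT and DELETE, two MEDIUM for column exposure), while `HARDENED_USER_SELECT` yields none. Check 5 needs a live request and is covered by the probe described below.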
For every suspect anonymous SELECT permission, the auditor sends an unauthenticated GraphQL query (`{ <table>(limit: 1) { __typename } }`) and reports `confirmed: true` if rows come back. For introspection it sends `{ __schema { queryType { name } } }` and reports whether the anonymous role can read the schema. Two caveats when reading probe results: an empty table returns no rows even though the permission is open, and a deployment with no unauthorized role configured (`HASURA_GRAPHQL_UNAUTHORIZED_ROLE` unset) rejects unauthenticated requests outright, so the metadata finding is the primary signal and the probe is confirmation.

`--no-probe` disables the live fetch.
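The probe described above, written out as an added example rather than the project's own code. It assumes the full GraphQL URL (`https://<host>/v1/graphql`) is passed as the endpoint, that Hasura applies the unauthorized role to a request carrying no `Authorization` header, and that a table the role cannot see produces the `validation-failed` error shape mimicked in `SAMPLE_DENIED`. The sample response bodies are constructed; `buildProbeQuery`, `classifyProbe`, `classifyIntrospection` and `probeEndpoint` are names chosen for this example.

```javascript
// Added example, not code from the nhost-security project: the anonymous probe.
// buildProbeQuery / INTROSPECTION_QUERY build the two requests; classifyProbe and
// classifyIntrospection decide from the JSON body whether the unauthorized role got
// anything back. SAMPLE_* bodies are constructed; SAMPLE_DENIED mimics the shape
// Hasura returns when a role has no permission on the root field
// (extensions.code "validation-failed", "field 'x' not found in type: 'query_root'").

function buildProbeQuery(table) {
  // A tracked table is exposed as a root field of the same name; refuse anything
  // that is not a plain GraphQL identifier so table names cannot alter the query.
  if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(table)) throw new Error(`unsafe table name: ${table}`);
  return { query: `{ ${table}(limit: 1) { __typename } }` };
}

const INTROSPECTION_QUERY = { query: '{ __schema { queryType { name } } }' };

// Returns { confirmed, readable, reason }. `confirmed` means rows came back;
// `readable` also covers an open permission on an empty table.
function classifyProbe(table, body) {
  const rows = body && body.data ? body.data[table] : undefined;
  if (Array.isArray(rows)) {
    return rows.length > 0
      ? { confirmed: true, readable: true, reason: `anonymous read ${rows.length} row(s)` }
      : { confirmed: false, readable: true, reason: 'permission is open but the table is empty' };
  }
  if (body && Array.isArray(body.errors) && body.errors.length) {
    const code = (body.errors[0].extensions && body.errors[0].extensions.code) || 'error';
    const messages = body.errors.map((e) => e.message).join('; ');
    // With no unauthorized role configured Hasura also lands here, with an auth error.
    return { confirmed: false, readable: false, reason: `${code}: ${messages}` };
  }
  return { confirmed: false, readable: false, reason: 'unexpected response shape' };
}

function classifyIntrospection(body) {
  return Boolean(body && body.data && body.data.__schema &&
    body.data.__schema.queryType && body.data.__schema.queryType.name);
}

// Live probe: no Authorization header and no admin secret, so Hasura applies the
// unauthorized (anonymous) role. Requires Node 18+ for global fetch.
async function probeEndpoint(endpoint, tables) {
  const post = async (payload) => {
    const res = await fetch(endpoint, {
      method: 'POST',
      headers: { 'content-type': 'application/json' },
      body: JSON.stringify(payload),
    });
    return res.json();
  };
  const result = { introspection: classifyIntrospection(await post(INTROSPECTION_QUERY)), tables: {} };
  for (const table of tables) result.tables[table] = classifyProbe(table, await post(buildProbeQuery(table)));
  return result;
}

// Constructed sample bodies for offline classification.
const SAMPLE_DENIED = {
  errors: [{
    extensions: { path: '$.selectionSet.users', code: 'validation-failed' },
    message: "field 'users' not found in type: 'query_root'",
  }],
};
const SAMPLE_LEAK = { data: { users: [{ __typename: 'users' }] } };
const SAMPLE_EMPTY = { data: { orders: [] } };
const SAMPLE_SCHEMA = { data: { __schema: { queryType: { name: 'query_root' } } } };

// Usage: node probe.js https://my.hasura.app/v1/graphql users orders
if (process.argv.length > 3) {
  probeEndpoint(process.argv[2], process.argv.slice(3))
    .then((r) => console.log(JSON.stringify(r, null, 2)));
}
```

The identifier check in `buildProbeQuery` matters because table names come from the metadata export, which an admin-secret holder controls; it keeps the probe from being turned into an arbitrary query. Classifying `readable` separately from `confirmed` is what lets a report say "open but empty" instead of silently marking an exposed table as safe.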
MIT. Open source: https://github.com/Perufitlife/nhost-security-skill
For Supabase, see https://github.com/Perufitlife/supabase-security-skill; for PocketBase, see https://github.com/Perufitlife/pocketbase-security-skill; for Appwrite, see https://github.com/Perufitlife/appwrite-security-skill.
Two productized services:
- Vibe-code Security Review — $199 / 48h — I review your AI-generated code (Cursor / Claude / v0 / Bolt) and ship a PDF with fixes ranked by exploitability.
- Sandbox-as-a-Service — $499 / 48h — custom partner integration sandbox built for your API.
See rotatepilot-skyx-sandbox for a live demo of how a partner consumes one of our public REST APIs in a single static page — built 12-may-2026 in response to an aviation-platform partnership inbound. Same JSON-contract / CORS / edge-served approach we use for nhost-security integrations.
If your team writes outreach, PR descriptions, or social posts with AI, the aitells ecosystem catches the fingerprints before they ship:

- `@perufitlife/aitells-mcp`: MCP server for Claude Code / Cursor. `detect_ai_tells` + `humanize_text` as native tools.
- `Perufitlife/aitells-action`: GitHub Action that scans PR titles/bodies/commits for AI patterns. Posts a friendly summary comment.
- aitells.vercel.app: free detector + $19 lifetime humanizer (first 100 buyers)