critical
suspicious.exposed_secret_literal
- Location
- scripts/audit.js:108
- Finding
- File appears to expose a hardcoded API secret or token.
Supabase Security Audit
AdvisoryAudited by Static analysis on May 16, 2026.
Overview
Detected: suspicious.exposed_secret_literal, suspicious.insecure_tls_verification
Findings (2)
warn
suspicious.insecure_tls_verification
- Location
- scripts/audit.js:110
- Finding
- HTTPS certificate verification is disabled.