Profile
Ryan
@decloak
...
Profile Image

Ryan Garcen

0 Followers 0 Following

About

Vibe coding gets you from idea to live app in hours, but the security review is usually the first thing that gets skipped. Decloak is built to catch what shipping fast leaves behind. Paste your URL and Decloak automatically fingerprints your platform - Lovable, Supabase, Base44 etc - then checks for the specific misconfigurations known to affect each one. The most common failure it catches: a Supabase database left publicly readable because Row Level Security was never enabled, meaning anyone can read your data using your own public API key. It also flags leaked Supabase service_role keys sitting in client-side JavaScript, exposed Stripe and other API keys in production bundles, and known platform CVEs like the Next.js middleware authorization bypass. Every scan runs a full 8-layer analysis: HTTP/TLS, HTML, live network traffic, JavaScript CVEs, tag managers, third-party supply chain, platform misconfigurations, and AI synthesis, producing a weighted security score and

Launches

No data available yet

Premium Products