The self-audit security toolkit for Lovable builders β by Lucio Amorim, Lovable Ambassador.
A self-service audit tool for Lovable.dev users to review their own projects for exposed credentials, misconfigured Supabase RLS policies, and sensitive data left in source code or chat history.
Run it against your own account. Get a clear report. Fix what needs fixing.
Built and maintained by Lucio Amorim β Lovable Ambassador β the same hands behind the Lovable Skills catalog (/wireframe, /debate, /unbot). This project is part of a wider toolkit for builders who don't just ship Lovable apps β they verify, harden, and stand behind them.
As low-code and AI-assisted development tools gain adoption, credential leakage, data exposure, and access-control gaps have become a common class of risk across the whole ecosystem. When developers move fast, it's easy to leave API keys hardcoded, skip RLS configuration, or forget that chat history may be readable beyond its intended scope. These are general security pitfalls that apply to any platform, not faults specific to one.
This tool doesn't place blame β it places the solution in your hands. Instead of waiting for a platform to alert you, you audit yourself, find what's exposed, and fix it. That's it.
| Component | What it catches |
|---|---|
| π Secret Patterns | Supabase service_role, OpenAI sk-*, Anthropic sk-ant-*, Stripe sk_live_*, AWS AKIA*, GitHub ghp_*/gho_*/ghs_*, Firebase/Google AIza*, SendGrid SG.*, Slack xox*, Twilio, Resend, Postgres connection strings, JWT/PEM private keys, and more |
| π€ PII Patterns | Email addresses, LinkedIn profiles, CPF/CNPJ (Brazilian tax IDs), credit card numbers (Luhn-shaped), phone numbers, US SSN, Stripe customer IDs (cus_*) |
| π‘οΈ BOLA/IDOR Test | Probes file and chat endpoints to verify whether your project returns 200 OK without ownership validation β a baseline access-control check aligned with the OWASP API Security Top 10 (BOLA). The CLI supports an optional dual-probe mode (--audit-token) that confirms cross-account exposure instead of inferring it from a single request |
| ποΈ Supabase RLS Audit | Non-invasive check against common table names using only the anon key, plus a copy-paste deep-RLS SQL checklist whose pasted result the CLI classifies into DB-003/DB-004/DB-005/DB-008/DB-009 findings β no automated SQL is ever run against an external Supabase |
| π¦ Bundle / Source-map Scan | The CLI fetches a target URL's HTML and JS chunks (read-only, bounded), flags exposed source maps and missing Subresource Integrity, and extracts a hardcoded Supabase URL + anon key to correlate with an RLS gap into a compound_risk finding |
The exact pattern set differs slightly between the two channels because they evolved against different rule catalogs:
- Chrome Extension (
extension/lib/data-patterns.js): 24 secret patterns + 7 PII patterns. - CLI (
packages/cli/src/engines/patterns.ts): 27 secret patterns + 8 PII patterns.
| Component | What it does |
|---|---|
| π― Risk Scoring (0β100) | Weighted formula combining BOLA exposure, secret/PII counts, RLS status, source-map exposure, and project recency β auto-classifies as Catastrophic / Critical / High / Medium / Low / Clean |
| π§Ύ Reproducible Rationale | Every score ships with a rationale breakdown (which signals contributed how many points) so the number is auditable, not a black box |
| Remedy Guidance | Findings are enriched with structured fix guidance in English, Portuguese, and Spanish. CLI JSON/SARIF include remedy metadata; Markdown/HTML and the extension panel render the steps inline |
| π₯οΈ Extension Dashboard | Dark side-panel UI with risk rings, severity badges, scan history, and per-finding remediation guidance |
| π Baseline & Drift | Both channels persist a fingerprinted baseline (CLI: .nxlv-baseline.json) and report new / unchanged / resolved findings between runs |
| π¦ Demo Mode | The extension can explore the full interface with realistic sample data β no token needed |
| Component | What you get |
|---|---|
| π₯ JSON / SARIF / Markdown / HTML | The CLI emits structured JSON, GitHub-ready SARIF 2.1.0, a Markdown report, or a single self-contained HTML file (--format json|sarif|markdown|html|all). JSON/SARIF carry remedy metadata; Markdown/HTML show the fix steps |
| π Signed Evidence Pack | The extension exports an HMAC-SHA256 signed report for tamper-proof forensic documentation (see verification below) |
| π Trilingual UI | πΊπΈ English (default) Β· π§π· PortuguΓͺs Β· πͺπΈ EspaΓ±ol β switch instantly, no reload |
Runs in your browser, reads your own lovable.dev session β no manual token handling required.
- Open Chrome β
chrome://extensions - Enable Developer mode (top right toggle)
- Click Load unpacked and select the
extension/directory from this repo - Pin the icon to your toolbar, open the side panel, and run a scan
A standalone Node CLI (Node β₯ 20) for terminal and CI use. It needs your Lovable Bearer token, which it reads from --token or the LOVABLE_TOKEN environment variable.
# Scan your account (interactive / local)
npx @nxlv-ai/lovable-audit scan --token <bearer>
# Or via env var
LOVABLE_TOKEN=<bearer> npx @nxlv-ai/lovable-audit scan
# Machine-readable / shareable output
npx @nxlv-ai/lovable-audit scan --token <bearer> --format json --output results.json
npx @nxlv-ai/lovable-audit scan --token <bearer> --format sarif --output results.sarif
npx @nxlv-ai/lovable-audit scan --token <bearer> --format markdown --output report.md
npx @nxlv-ai/lovable-audit scan --token <bearer> --format html --output report.html
# Scan a deployed URL's headers, source maps, and bundle
npx @nxlv-ai/lovable-audit scan --token <bearer> --url https://myapp.lovable.app
# Confirm token validity only
npx @nxlv-ai/lovable-audit verify --token <bearer>Getting your token: open lovable.dev while logged in, open DevTools (F12) β Network, filter for api.lovable.dev, and copy the Authorization: Bearer <token> value.
Useful flags: --deep (download and scan file contents locally, behind a consent prompt), --audit-token (dual-probe BOLA confirmation), --baseline / --update-baseline (drift tracking), --rls-checklist (print the copy-paste deep-RLS SQL), --rls-result <file> (classify a pasted RLS result), --no-chat / --no-files / --no-rls / --no-headers (scope the scan).
The ci subcommand is optimized for pipelines: it writes SARIF and exits non-zero when critical or catastrophic findings are present.
LOVABLE_TOKEN=<bearer> npx @nxlv-ai/lovable-audit ci --output nxlv-audit.sarifA ready-to-use GitHub Action workflow lives in .github/workflows/nxlv-audit.yml, and the published privacy policy is in PRIVACY.md.
# Regenerate a report from a saved JSON result β no re-scan
npx @nxlv-ai/lovable-audit report results.json --format html --output report.html
# Extract the copy-paste AI fix prompts from a saved result
npx @nxlv-ai/lovable-audit fix-prompt results.json --output prompts.md
# Verify the HMAC signature of an exported evidence pack
npx @nxlv-ai/lovable-audit verify-evidence pack.json --passphrase <device-key>
# Track drift vs a baseline and POST a summary to a webhook
# (payload carries only counts + finding identifiers β no tokens, no raw bodies)
npx @nxlv-ai/lovable-audit scan --token <bearer> --baseline --webhook https://example.com/hook- Pre-commit token guard β
npm run hooks:installwires a dependency-free git hook (.githooks/pre-commit) that blocks committing token-shaped strings or code that logs secrets. Bypass withNXLV_SKIP_TOKEN_SCAN=1when needed. - Package the extension β
npm run package:extproduces a Chrome Web Store zip underdist/. - Pattern drift gate β
npm run check:driftfails if the extension and CLI rule catalogs diverge.
The Signed Evidence Pack export (lpa-evidence-*.json) includes an hmac_sha256 signature. This allows third parties to verify that the report was generated by this tool and has not been tampered with.
To verify using Node.js:
const { webcrypto } = require('crypto');
const fs = require('fs');
async function verify() {
const file = JSON.parse(fs.readFileSync('./lpa-evidence-123.json', 'utf-8'));
const payloadStr = JSON.stringify(file.payload, null, 2);
const passphrase = 'your-passphrase-or-device-key';
const enc = new TextEncoder();
const base = await webcrypto.subtle.importKey('raw', enc.encode(passphrase), { name: 'PBKDF2' }, false, ['deriveKey']);
const key = await webcrypto.subtle.deriveKey(
{ name: 'PBKDF2', salt: enc.encode('lpa-evidence-v1'), iterations: 100000, hash: 'SHA-256' },
base, { name: 'HMAC', hash: 'SHA-256' }, true, ['verify']
);
const sigBytes = new Uint8Array(file.hmac_sha256.match(/.{2}/g).map(h => parseInt(h, 16)));
const isValid = await webcrypto.subtle.verify('HMAC', key, sigBytes, enc.encode(payloadStr));
console.log('Signature Valid:', isValid);
}
verify();The CLI can also verify packs programmatically; the Node snippet above remains the portable, dependency-free reference.
The project is a Chrome Extension (Manifest V3, plain JS) plus a standalone TypeScript CLI. There is no longer a web app β that earlier Vite demo has been removed.
βββ extension/ # Chrome Extension (Manifest V3)
β βββ manifest.json # Permissions + service worker config
β βββ background.js # Service worker β audit orchestrator + message bus
β βββ content.js # Page collectors (state / route / DOM-sink scans)
β βββ interceptor.js # Passive fetch/XHR hook (masked extraction in page context)
β βββ popup.html # Quick-view popup
β βββ sidepanel.html/js/css # Full dashboard in the side panel
β βββ devtools.html/js # DevTools bridge
β βββ devtools-panel.html/js # Live findings / endpoints / routes panel
β βββ icons/ # Extension icons
β βββ lib/ # Core modules (plain JS)
β βββ api-client.js # Lovable API + chrome.cookies auth
β βββ audit-engine.js # Inspection orchestrator
β βββ data-patterns.js # 24 secret + 7 PII patterns
β βββ masking.js # Secret masking + line numbers
β βββ health-scorer.js # Scoring algorithms
β βββ remedy.js # Structured remediation catalog
β βββ evidence-pack.js # HMAC-signed evidence export
β βββ logger.js # Logging helper
β βββ passive-endpoints.js # Endpoint normalization (5th-endpoint candidate detection)
β βββ i18n.js # Trilingual translations
β βββ skills/ # Security "skills" modules
β βββ token-vault.js # AES-GCM + PBKDF2 token vault (lock/unlock)
β βββ consent-gate.js # L0/L1/L2 consent + legal first-run
β βββ secret-hasher.js # SubtleCrypto SHA-256 hashing + dedupe
β βββ structured-logger.js # JSON logger with secret redaction
β βββ rationale-logger.js # Frozen signal weights + verifiable score rationale
β βββ dual-probe.js # ownerΓaudit BOLA signature matrix
β βββ scan-history.js # Run history + delta comparison
β βββ rls-checklist.js # Deep-RLS copy-paste checklist classifier
β βββ pattern-catalog.js # Dynamic rule catalog (remote fetch + toggle + TTL cache)
β
βββ packages/cli/ # Standalone CLI (@nxlv-ai/lovable-audit, TypeScript)
β βββ src/
β βββ index.ts # CLI entry β scan / verify / ci commands
β βββ commands/scan.ts # Scan orchestrator
β βββ engines/
β β βββ patterns.ts # 27 secret + 8 PII patterns
β β βββ lovable-client.ts # Lovable API client + response-signature classifier
β β βββ supabase-engine.ts # RLS probe + security headers
β β βββ rls-checklist.ts # Deep-RLS SQL + pasted-result classifier
β β βββ bundle-scan.ts # Remote bundle / source-map / SRI scan
β β βββ scorer.ts # Weighted risk score + rationale
β β βββ baseline.ts # Fingerprinted baseline + drift
β βββ remedy/index.ts # Structured remediation catalog
β βββ reporters/index.ts # console / json / sarif / markdown / html output
β βββ util/logger.ts # Redacting structured logger
β
βββ package.json # Root scripts: test (vitest), build:cli, check:drift
- Tokens never leave your browser β never transmitted to external servers
- Response bodies stay local β only metadata and masked findings are retained in the report
- Read-only β only GET requests against
api.lovable.dev, never POST/PUT/DELETE - Rate limited β sustained request throttling to avoid overloading the API
- Identified β requests include an
X-Clientidentifier
This tool is for auditing your own account. The Chrome Extension operates only on projects belonging to the authenticated user's session, and the CLI only on the account behind the token you provide. It is not designed for, and cannot be used for, inspecting projects belonging to other accounts.
This project was created by Lucio Amorim, Lovable Ambassador.
When reusing, redistributing, or citing this work, keep the attribution credits and include a link to this repository.
Licensed under Apache 2.0.
In plain terms: use it freely β including commercially β but if you reproduce it, redistribute it, or fold any part of it into a product of your own, you must credit Lucio Amorim as a contributor, link back to his LinkedIn, and link to the license.
Suggested attribution line:
Includes work by Lucio Amorim (Lovable Ambassador) β https://linkedin.com/in/lucioamorim β licensed under Apache 2.0.