Run a project security audit:
- •Run
pnpm auditto check for dependency vulnerabilities - •Verify
.envis NOT tracked by git (git ls-files .env) - •Search source code for possible hardcoded secrets (API keys, passwords, tokens)
- •Verify all variables in
src/lib/env.tsare present in.env.example - •Check that protected routes in
src/lib/supabase/middleware.tscover all pages requiring auth - •Report a summary with findings and recommendations