Skip to main content

insforge

Facilitates frontend integration with InsForge SDK for database queries, authentication, and real-time messaging in web applications.

Install this skill

or
20/100

Security score

The insforge skill was audited on Jun 11, 2026 and we found 24 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 154

Webhook reference - potential data exfiltration

SourceSKILL.md
154| [payments](../insforge-cli/references/payments/overview.md) | Configuring Stripe/Razorpay keys, syncing provider catalog, setting up webhooks, and
medium line 226

Webhook reference - potential data exfiltration

SourceSKILL.md
226- **Payment RLS**: Before payment UI, add app-specific RLS on provider runtime tables. Stripe uses `payments.stripe_checkout_sessions` and `payments.stripe_customer_portal_sessions`; Razorpay uses `pa
medium line 27

Access to .env file

SourceSKILL.md
27Before using the SDK, create a `.env` file (or `.env.local` for Next.js) in your project root with your InsForge URL and anon key.
medium line 42

Access to .env file

SourceSKILL.md
424. **Write both values** to the `.env` file using the correct framework prefix (see table below).
medium line 48

Access to .env file

SourceSKILL.md
48| Framework | `.env` file | Variables | Access Pattern |
medium line 50

Access to .env file

SourceSKILL.md
50| **Next.js** | `.env.local` | `NEXT_PUBLIC_INSFORGE_URL`, `NEXT_PUBLIC_INSFORGE_ANON_KEY` | `process.env.NEXT_PUBLIC_*` |
medium line 51

Access to .env file

SourceSKILL.md
51| **Vite** (React, Vue, Svelte) | `.env` | `VITE_INSFORGE_URL`, `VITE_INSFORGE_ANON_KEY` | `import.meta.env.VITE_*` |
medium line 52

Access to .env file

SourceSKILL.md
52| **Astro** | `.env` | `PUBLIC_INSFORGE_URL`, `PUBLIC_INSFORGE_ANON_KEY` | `import.meta.env.PUBLIC_*` |
medium line 53

Access to .env file

SourceSKILL.md
53| **SvelteKit** | `.env` | `PUBLIC_INSFORGE_URL`, `PUBLIC_INSFORGE_ANON_KEY` | `import { env } from '$env/dynamic/public'` |
medium line 54

Access to .env file

SourceSKILL.md
54| **Create React App** | `.env` | `REACT_APP_INSFORGE_URL`, `REACT_APP_INSFORGE_ANON_KEY` | `process.env.REACT_APP_*` |
medium line 55

Access to .env file

SourceSKILL.md
55| **Node.js / Server** | `.env` | `INSFORGE_URL`, `INSFORGE_ANON_KEY` | `process.env.*` |
medium line 57

Access to .env file

SourceSKILL.md
57Example `.env.local` for Next.js:
medium line 64

Access to .env file

SourceSKILL.md
64> **Important:** Keep `.env` files local. Add `.env`, `.env.local`, and `.env*.local` to your `.gitignore` and keep `.env.example` for documenting required variables.
low line 74

Access to .env file

SourceSKILL.md
74baseUrl: process.env.NEXT_PUBLIC_INSFORGE_URL,
low line 75

Access to .env file

SourceSKILL.md
75anonKey: process.env.NEXT_PUBLIC_INSFORGE_ANON_KEY
low line 85

Access to .env file

SourceSKILL.md
85baseUrl: import.meta.env.VITE_INSFORGE_URL,
low line 86

Access to .env file

SourceSKILL.md
86anonKey: import.meta.env.VITE_INSFORGE_ANON_KEY
low line 96

Access to .env file

SourceSKILL.md
96baseUrl: import.meta.env.PUBLIC_INSFORGE_URL,
low line 97

Access to .env file

SourceSKILL.md
97anonKey: import.meta.env.PUBLIC_INSFORGE_ANON_KEY
low line 107

Access to .env file

SourceSKILL.md
107baseUrl: process.env.INSFORGE_URL,
low line 108

Access to .env file

SourceSKILL.md
108apiKey: process.env.INSFORGE_API_KEY,
medium line 200

Access to .env file

SourceSKILL.md
200> ⚠ **After `branch create` or `branch switch`**, update the app's InsForge URL and anon-key env values, then **restart your dev server** (or re-source `.env`) so the SDK talks to the selected branch
low line 40

External URL reference

SourceSKILL.md
403. **Get the URL** from the `oss_host` field in `.insforge/project.json` (e.g., `https://myapp.us-east.insforge.app`).
low line 60

External URL reference

SourceSKILL.md
60NEXT_PUBLIC_INSFORGE_URL=https://your-appkey.us-east.insforge.app
Scanned on Jun 11, 2026
View Security Dashboard
Installation guide →
GitHub Stars 26
Rate this skill
Categorydevelopment
UpdatedJune 15, 2026
frontendplaywrightstripereactremotiondocxgitapidatabasetestingdevopsbackendfrontend-developerbackend-developerproduct-managerdevelopmentproduct
InsForge/insforge-skills