Security heads-up: leaked Supabase service_role JWT in .env

Hi there,

GitScan detected `Supabase service_role JWT` possibly leaked in your public repository.

### Details

- **File**: [.env](https://github.com/lithvall/TrustBench/blob/0bbad50784bdf5d214901be3b18f8767538f6fee/.env#L4)
- **Line**: 4
- **Commit**: [`0bbad50`](https://github.com/lithvall/TrustBench/commit/0bbad50784bdf5d214901be3b18f8767538f6fee)
- **Snippet** (redacted):
```
SUPABASE_SERVICE_ROLE_KEY=************************************.****************************************.****************************************
```

### Recommended actions

1. **Revoke and rotate** Supabase secrets in your [Supabase dashboard](https://supabase.com/dashboard) under **Project Settings → API** — replace leaked `service_role` / `anon` keys (see [API keys](https://supabase.com/docs/guides/api/api-keys)).
2. Remove the secret from your code
3. Clean it from your Git history if possible
4. Push a new commit

When you're ready, **[mark this finding as resolved on GitScan](https://gitscan.ai/resolve?utm_source=issue&utm_medium=disclosure&utm_campaign=auto_issue&utm_content=mark_resolved&finding=gs_004e718a1e531dc2)** — we'll verify the fix automatically. You can also close this issue from GitHub if you prefer.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security heads-up: leaked Supabase service_role JWT in .env #1

Details

Recommended actions

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Security heads-up: leaked Supabase service_role JWT in .env #1

Description

Details

Recommended actions

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions