Executive verdict
Harden before launch
72 / 100 launch risk
The app is salvageable, but it should not launch to real users until critical auth, data-access, payment, and deployment issues are fixed.
Fictional sample report
Sample Launch Readiness Audit
See the kind of verdict, risk scoring, and remediation roadmap a founder receives before deciding whether to harden, rescue, or rebuild.
This is a fictional sample report. It is not a real client case study, testimonial, or claim about a past engagement.
Verdict options
Launch-ready
Harden first — active
Rescue
Rewrite
Critical blockers
Severity
Area
Finding
Recommended action
Critical
Data access
Supabase RLS is missing on user-owned tables
Add and test RLS policies before launch
Critical
Payments
Stripe webhook route accepts unsigned events
Verify signatures and test subscription state transitions
High
Deployment
Production env differs from preview env
Document required env vars and validate at boot
High
Regression risk
No test covers login → checkout → dashboard
Add smoke test and CI gate
Medium
Maintainability
Duplicate API clients generated by AI edits
Consolidate client utilities and update imports
Suggested hardening sprint
Supabase RLS repair
Stripe webhook verification
Environment validation
Critical-path Playwright smoke test
CI build/test workflow
Handoff docs
Launch checklist
Secrets removed from repo
RLS enabled and tested
Webhooks verified
Production deploy passes
Smoke tests pass
Error tracking installed
Rollback path documented
Owner handoff completed
Launch verdict
Want this verdict for your own AI-built app?
No passwords, API keys, production credentials, or private customer data through forms.