Will It Vibe logoWill It Vibe?
SQL-004Medium severity-8 points

GRANT ... TO PUBLIC statement

Part of Security, which counts for 30% of the overall score. When this check fires it deducts 8 points from that category, once per scan, no matter how many places it turns up.

What it detects

GRANT ... TO PUBLIC hands the privilege to every current and future role/user in the database, not just the intended one. This is occasionally intentional for a narrow read-only lookup table, but is easy to leave in place by habit.

Why it matters

GRANT ... TO PUBLIC applies the privilege to every current and future role or user in the database, not just the one you meant to grant it to. This is sometimes intentional for a narrow read-only reference table, but far more often it is a copy-paste default that quietly widens access to sensitive tables as new users and roles get created.

How to fix it

Replace PUBLIC with the specific role or user that needs the privilege. If several roles genuinely need it, grant to a dedicated group role and add each user to that role, rather than opening it to everyone.

The paid report includes a ready-to-paste prompt for your AI coding agent for every check it finds, pointed at the exact findings from your scan. See pricing

Does your repo trip this check?

Paste a GitHub URL or drop a project folder. Scans run in your browser and take seconds.

Scan your repo

Related Security checks