Ship Read · Northstar Waitlist

Report nsw-demo7k2m · Share link withseatbelt.com/r/nsw-demo7k2m
First read Fri, 17 Jul 2026 10:42 GMT · cleared on pass 2 at 10:51 GMT · input: zip · source: mcp

Verdict
Cleared to share
Open gates
0 open
Badge
Earned

Cleared to share. Three flags on the first pass, all closed on the second.

Seatbelt read the Northstar Waitlist build, flagged three things, the agent fixed them, and a second pass confirmed it. This is sample data for the landing page, not a live scan.

Flags

Gate Flag Summary Status
info login Sign in route detected (/auth) and member dashboard at /app. Route looks scoped. noted
soft payments Stripe checkout route for paid early access tier verified
hard secrets API key pattern in client bundle NEXT_PUBLIC_* sk-…4f2a fixed
info customer data Stores waitlist emails, referral codes, and profile names noted
info databases ORM config found. No connection string or admin UI in the client. noted
soft risky shortcuts Debug delete route present (/api/debug) fixed

Fix history

Flag First read · 10:42 Again · 10:51
secrets open · hard gate fixed · moved server side, key rotated
payments flagged · verify checkout verified end to end
risky shortcuts flagged · debug delete route fixed · route removed

Verified by Seatbelt, earned. A real scan on an app with substance, hard gates cleared on the second pass. The badge links to this report, not a sticker.

Honest scope: Seatbelt reads structure and clues on the folder or ZIP you share. Not a pentest. Not hacking production. Does not read live customer private data. Secret values are truncated in cues; only prefixes appear above.

Open PDF · Back to Seatbelt