I built a Postgres RLS linter. Not asking for stars or anything (it's MIT). What I actually want is to expand the rule set, and I figured this sub has seen the kinds of RLS bugs that don't show up in tutorials. What's there already: RLS disabled on a table, missing WITH CHECK on write policies, BYPASSRLS roles inadvertently grandfathered in, plus the well-known USING (auth.uid() IS NULL OR owner = auth.uid()) (auth.uid() returns NULL for unauthed connections, so the IS NULL is true, the OR short-circuits, every row visible). The kind of thing that looks correct on inspection. What I want to add: the real life production bugs. Trigger funcs bypassing policies. Subqueries against RLS-off tables. Generated columns leaking data through a join. Weird ON CONFLICT DO UPDATE shapes that mess with WITH CHECK. Anything you debugged at 3am that wasn't in any RLS guide. If you've got a war story like that and you're willing to share, I'll write a rule for it. Appreciate the help!…