- Available on: Enterprise plans
- Access: Workspace admins and owners
- Location: Settings → Security & compliance → Security center → Workspace insights
What you can do
- See a workspace-wide summary of total projects, externally published projects, and projects with high review priority.
- Jump to key risk themes with quick filters for projects with PII, abandoned projects, security scan findings, and projects with no owner.
- Search every project by project name, owner, or description.
- Filter the project table by review priority, publishing status, and finding type.
- Sort projects by review priority, activity, credits, scan status, and other table columns.
- Show or hide columns to tailor the table to your workflow.
- Expand any project row to review the findings and signals that explain why the project is flagged.
- Click a project name to open the full project details page with description, Lovable Cloud setup, connectors, website details, PII status, activity metrics, and open findings.
- Run a fresh PII scan or security scan on a project.
- Export the table to a CSV file for audits, reporting, or leadership reviews.
How Workspace insights works
Workspace insights combines scan results and workspace signals, then turns them into review priority for each project.Where findings and signals come from
Workspace insights brings together scan results and workspace signals to help you prioritize project review across the workspace. It uses:- Security findings from Lovable’s Basic scan, Deep scan, and related Security center surfaces.
- Sensitive data findings from Sensitive data scanning, such as unresolved personally identifiable information (PII) in project data.
- Project and workspace signals such as publish status, ownership, activity, credits, collaborators, connectors, secrets, and Lovable Cloud usage.
| Source | What it contributes |
|---|---|
| Sensitive data scanning | Finds personally identifiable information (PII) in supported project data, including chat messages, file uploads, chat history, Lovable Cloud database data, and Lovable Cloud storage. |
| Basic scan | Runs fast configuration and dependency checks, including row-level security (RLS) policy linting, database schema review, and dependency audit. |
| Deep scan | Runs a more thorough agentic code review that includes Basic scan checks and adds access control review, backend endpoint protection, code-level vulnerability detection, and project-specific issues. |
| Optional security connectors | Add coverage from connected tools, such as Wiz or Aikido, when configured for the workspace. |
| Workspace and project metadata | Adds project state and usage signals, such as publish status, ownership, activity, credits, collaborators, connectors, secrets, and Lovable Cloud configuration. |
Review priority
Review priority indicates how urgently a project may need attention. It appears as High, Medium, Low, or Not scanned. Workspace insights assigns review priority based on the active findings and signals on a project. Signals that increase review priority include public exposure, open security findings, unresolved personal data findings, abandoned published projects, and projects with no active owner. Signals such as connectors, secrets, external collaborators, shared access, and edge functions can also contribute because they may require periodic review. A project with no scan data shows as Not scanned.Findings and signals
The findings and signals below contribute to review priority. Projects with stronger or overlapping findings and signals are more likely to appear with higher review priority.| Finding | What it means |
|---|---|
| Public app with security errors | The project is publicly exposed and has error-level security findings. |
| Public apps with PII and security findings | The project is published, contains personal data, and has warning-level or error-level security findings. |
| Security findings | The project has open security findings. |
| Public apps with PII | The project is published and contains personal data. |
| Abandoned published projects | The project is published and has no recent activity. |
| Orphaned projects | The project owner is no longer an active workspace member. |
| Open PII findings | The project has unresolved personal data findings. |
| Secrets | The project has secrets configured. Review whether they are still needed and correctly scoped. |
| Connectors | The project has external service connectors attached. Review how the app uses connected data. |
| External collaborators | The project has collaborators outside the workspace. |
| Shared projects | The project is shared with additional users. |
| Edge functions | The project has deployed edge functions. Run regular scans to keep backend code safe. |
Dashboard overview
Workspace insights is organized from summary to detail: workspace-level metrics, quick filters, the project table, expanded findings rows, and per-project detail views.Summary cards
The summary cards show the overall state of the workspace.| Card | What it shows |
|---|---|
| Total projects | Total number of projects in the workspace |
| Externally published | Projects published to the public internet |
| High review priority | Projects with signals that need urgent review |
Quick filters
The Quick filters row lets you jump directly to a filtered project table.| Quick filter | What it shows |
|---|---|
| Projects with PII | Projects with open personal data findings |
| Abandoned | Projects with no recent activity in the last 60 days. Includes edits, messages, sessions, and function calls. The abandoned-project threshold defaults to 60 days and can be configured per workspace to 30, 60, 120, or 180 days. |
| Security scan findings | Projects with open security findings |
| No owner | Projects whose owner is no longer an active workspace member, so the projects need a new accountable owner |
Project table
Every project in the workspace appears in a searchable, filterable, and sortable table. By default, each row shows the following columns:- Project name
- Review priority
- Publish status
- Owner
- Last security scan
- Last edit
- Credits (all-time credits consumed by the project)
Columns
Use the column menu to show or hide columns. Project name and Review priority are always visible. Additional columns include:- Project ID and Created
- Edits (7d) and Visitors (7d), each with a tooltip showing when the activity data was last updated
- Findings, Security findings, Security errors, Security warnings, and Security info
- Vulnerability findings, Critical vulnerabilities, High vulnerabilities, Medium vulnerabilities, Low vulnerabilities, and Total vulnerabilities
- PII findings
- Auth providers
- No owner, Abandoned, and External access
- Connectors, Lovable Cloud, and Edge functions
- Secret names and Secret integrations
Search
Use the Search projects… field to search by project name, owner, or description.Filters
The table can be filtered by review priority, publishing status, and findings.| Filter | Options |
|---|---|
| Review priority | High, Medium, Low |
| Publishing status | Externally published, Internally published, Not published |
| Findings | Security findings, Open PII findings, Project secrets, Connectors, External collaborators, Shared projects, Edge functions, Abandoned, No owner |
Sorting
Click a column header to sort by that column. Sort labels vary by column type:- Name columns use A-Z and Z-A.
- Date columns use Oldest first and Newest first.
- Review priority uses Highest first.
- Count columns use Fewest first and Most first.
Expanded findings row
Expand a project row to see the findings and signals that explain why the project is flagged. Click View on a finding to open the relevant project view for investigation and action. You can also click Run PII scan or Run security scan from the expanded row.Project details
Click the project name to open the full project details page. The project details page gives broader context about the project, including:- Project description
- Lovable Cloud details, when the project uses Lovable Cloud, including Status, Edge functions, Auth providers, Tables, Storage buckets, and Last synced.
- Connectors used by the project, such as Slack, Stripe, or Google Calendar, with links to connector settings.
- Website details, including Status, published URL, Project ID, Handles PII, Secrets, Edge functions, and Collaborators.
- Activity metrics, including Edits - 7d and either App visitors - 7d for published projects or Collaborators.
- Security findings and PII findings, including open findings and links to the relevant project view for more detail.
Export to CSV
Use the export control in the Security center header to export the project table to CSV. You can choose:| Export option | What it includes |
|---|---|
| Export visible columns | Only the columns currently shown in the table |
| Export all columns | Every available column |
workspace_insights_2026-06-23_15-30.csv.
Exports are capped at 100,000 rows. If the matching results exceed the cap, Lovable shows an Export truncated message and the file contains the rows included within the export limit. Narrow your filters to export the remaining projects.
Important notes
- Workspace insights reflects the latest workspace data Lovable has processed. Some values can lag behind recent changes.
- Review priority updates asynchronously after scans, connector changes, ownership changes, and other relevant project changes.
- Activity data, such as edits and visitors, can lag by up to 24 hours.
- The project detail view and some table columns show when the underlying data was last updated.
- Workspace insights helps identify projects that need attention, but changes still happen in the project itself.