Loading...
Loading...
Found 174 Skills
Postgres performance optimization and best practices from Supabase. Use this skill when writing, reviewing, or optimizing Postgres queries, schema designs, or database configurations.
Use when doing ANY task involving Supabase. Triggers: Supabase products (Database, Auth, Edge Functions, Realtime, Storage, Vectors, Cron, Queues); client libraries and SSR integrations (supabase-js, @supabase/ssr) in Next.js, React, SvelteKit, Astro, Remix; auth issues (login, logout, sessions, JWT, cookies, getSession, getUser, getClaims, RLS); Supabase CLI or MCP server; schema changes, migrations, security audits, Postgres extensions (pg_graphql, pg_cron, pg_vector).
Initialize and manage the evidence collection directory for professional security audits with documented proof of findings.
Manage Supabase projects, databases, migrations, Edge Functions, and storage using the `supabase` CLI.
Supabase's UI design system. Use when building interfaces inspired by Supabase's aesthetic - dark mode, Inter font, 4px grid.
Extract the Supabase anon/public API key from client-side code. This key is expected in client apps but important for RLS testing.
List all storage buckets and their configuration to identify the storage attack surface.
Identify storage buckets that are publicly accessible and may contain sensitive data.
Supabase security and performance guidelines with Clerk authentication integration. Contains 40+ rules across 10 categories covering RLS policies, Clerk setup, database security, and more.
List and test exposed PostgreSQL RPC functions for security issues and potential RLS bypass.
CRITICAL - Detect exposed PostgreSQL database connection strings in client-side code. Direct DB access is a P0 issue.
Supabase open-source Firebase alternative with Postgres, authentication, storage, and realtime subscriptions. Use when building full-stack applications requiring integrated backend services with Next.js, React, or Vue.