Found 12 Skills
Apply Supabase security best practices for secrets and access control. Use when securing API keys, implementing least privilege access, or auditing Supabase security configuration. Trigger with phrases like "supabase security", "supabase secrets", "secure supabase", "supabase API key security".
Supabase security and performance guidelines with Clerk authentication integration. Contains 40+ rules across 10 categories covering RLS policies, Clerk setup, database security, and more.
Orchestrate a complete Supabase security audit with guided step-by-step execution and ownership confirmation.
Test Row Level Security (RLS) policies for common bypass vulnerabilities and misconfigurations.
Create a test user (with explicit permission) to audit what authenticated users can access vs anonymous users. Detects IDOR, cross-user access, and privilege escalation.
Quick reference for all Supabase security audit skills with usage examples and command overview.
List and test exposed PostgreSQL RPC functions for security issues and potential RLS bypass.
Generate a comprehensive Markdown security audit report with executive summary, findings, and remediation guidance.
CRITICAL - Detect if the Supabase service_role key is leaked in client-side code. This is a P0 severity issue.
CRITICAL - Detect exposed PostgreSQL database connection strings in client-side code. Direct DB access is a P0 issue.
Attempt to list and read files from storage buckets to verify access controls.
Attempt to read data from exposed tables to verify actual data exposure and RLS effectiveness.