beforemerge-supabase-review
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is entirely composed of informational markdown files providing defensive security guidelines and best practices. No malicious instructions, obfuscation, or suspicious behaviors were detected.
- [NO_CODE]: No executable code, scripts, or binaries are included in the skill. While the README mentions a build script, no such file was provided in the package for analysis.
- [DATA_EXFILTRATION]: No network operations or patterns associated with data exfiltration were found. Environment variable examples in the rules are clearly placeholders used in documentation of 'incorrect' patterns.
- [PROMPT_INJECTION]: The skill does not contain instructions that attempt to manipulate the agent's core behavior or bypass safety filters. The use of 'CRITICAL' and 'IMPORTANT' tags is restricted to emphasizing security risks within the context of the Supabase rules.
Audit Metadata