beforemerge-supabase-review
Fail
Audited by Socket on Mar 15, 2026
1 alert found:
Obfuscated File (HIGH): rules/security/sec-service-role-exposure.md
The advisory correctly identifies a CRITICAL misconfiguration: invoking createServiceRoleClient() in request handlers or server actions that operate on user-controlled input leads to a complete RLS bypass and therefore high-severity privilege escalation and data-exfiltration risk. The examples and recommended mitigations are accurate. Action: audit the codebase for any use of createServiceRoleClient/service_role in request-handling code paths, remove or justify such usage, replace with an RLS-respecting server client, or ensure a robust explicit admin/trusted-caller check before invoking service-role operations.
Confidence: 98%
Audit Metadata