Supabase Developer
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE] (SAFE): No malicious behavior, obfuscation, or security vulnerabilities were identified in the skill. The code snippets provided are legitimate and follow official documentation patterns.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references the official '@supabase/supabase-js' library from npm. This is a trusted dependency from a verified organization.
- [DATA_EXFILTRATION] (SAFE): No hardcoded secrets or unauthorized network patterns were found. The examples correctly demonstrate using environment variables for sensitive URLs and keys.
- [PROMPT_INJECTION] (SAFE): There are no instructions that attempt to override agent constraints or bypass safety guidelines.
- [REMARK] (INFO): An automated scanner reported a malicious URL (supabase.auth.re), but this string does not exist in the analyzed files. The finding is likely a false positive or refers to external content not included in this skill's scope.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata