supabase-admin
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill contains standard instructional content for Supabase administration without any attempts to bypass safety filters or override agent behavior.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or suspicious network operations were identified. The use of Supabase-specific functions like
auth.uid()andauth.jwt()is appropriate for the stated purpose. - Unverifiable Dependencies (SAFE): No external package installations or remote script executions are present. The skill relies on standard tools and the
mcp__supabase__*protocol for its operations. - Indirect Prompt Injection (LOW): The skill is designed to process and generate SQL schemas and migrations, which are untrusted data entry points.
- Ingestion points: Reads and modifies migration files in
supabase/migrations/and processes schema definitions. - Boundary markers: None explicitly defined in the prompt instructions to isolate external SQL content.
- Capability inventory: Uses
Bash,Write, andEditfor file system operations, andmcp__supabase__*for direct database interaction. - Sanitization: The skill provides best-practice templates (e.g.,
SECURITY DEFINERuse, index optimization) which encourage safe output generation, though it does not explicitly sanitize input SQL. - Dynamic Execution (SAFE): There is no evidence of runtime code generation, unsafe deserialization, or library injection. SQL execution is performant and uses standard PostgreSQL patterns.
Audit Metadata