supabase-enterprise-rbac

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill correctly implements administrative operations (setting user roles and permissions) using the Supabase Service Role Key in a server-side context, which is the standard security model for Supabase admin tasks.
  • [SAFE]: Row-Level Security (RLS) policies are implemented using best practices, extracting claims from the JWT via helper functions to enforce organization and role-level isolation.
  • [SAFE]: Application-layer enforcement via middleware provides appropriate HTTP status codes (401 Unauthorized, 403 Forbidden) for unauthorized access attempts.
  • [SAFE]: External references and links point to the author's official domains or well-known documentation from Supabase. No suspicious network activities or unauthorized data access patterns were identified.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 23, 2026, 08:17 PM