supabase-known-pitfalls
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to provide guidance and automated search patterns for auditing Supabase codebases. It identifies critical security issues such as leaked service role keys and missing Row Level Security (RLS) policies.
- [SAFE]: Tool access is limited to Read and Grep, which are appropriate and safe for the stated purpose of code review and do not provide a path for code execution or data modification.
- [SAFE]: External resources and documentation links point to official Supabase domains, providing trusted guidance for security best practices.
- [SAFE]: Example commands in references/examples.md demonstrate how to use grep to find leaked secrets or potential PII logging without executing or exfiltrating any data.
Audit Metadata