skills/jeremylongshore/claude-code-plugins-plus-skills/supabase-policy-guardrails/Gen Agent Trust Hub
supabase-policy-guardrails
Warn
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
Bash(supabase:*),Bash(psql:*), andBash(npx:*)to perform database migrations, execute administrative queries, and run runtime scripts such as security audits and cost monitors. - [DATA_EXFILTRATION]: The cost monitoring script (
scripts/supabase-cost-monitor.ts) fetches usage metrics from the Supabase Management API and transmits this data to external services via Slack webhooks. - [COMMAND_EXECUTION]: The security audit logic in
scripts/supabase-security-audit.tsrelies on a customrun_sqlRPC in the database, which functions as a dynamic execution sink for SQL commands generated by the script. - [PROMPT_INJECTION]: The skill processes untrusted data from database schema metadata (e.g., table and column names) and local migration files, creating a surface for indirect prompt injection if those objects are maliciously named.
- Ingestion points:
supabase/migrations/*.sqlfiles and outputs fromsupabase db queryorpsqltools. - Boundary markers: None present.
- Capability inventory: Full file access (Read, Write, Edit), network operations (
fetch), and subprocess execution (supabase,psql,tsx). - Sanitization: The provided PL/pgSQL templates use
EXECUTE format(...)to escape database identifiers, which is a standard security practice for dynamic SQL construction.
Audit Metadata