supabase-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill consists entirely of reference documentation (Markdown files). No executable scripts (.js, .py, .sh) are included.
- [CREDENTIALS_UNSAFE] (SAFE): Code examples use generic placeholders for API keys (e.g., 'eyJhbGciOiJIUzI1NiIs...') and environment variables (e.g., 'sk_live_...'). No real credentials or secrets are exposed.
- [EXTERNAL_DOWNLOADS] (SAFE): References to external libraries in code snippets (Zod, Supabase, Clerk, Stripe) are standard for the described use case and do not involve untrusted sources.
- [PROMPT_INJECTION] (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found in the metadata or rule descriptions.
Audit Metadata