supabase-workflow

SUSPICIOUS: the core Supabase CLI usage is coherent and mostly benign, but the skill expands its footprint with project-specific SQL wrappers and instructs disabling JWT verification for edge functions. The main risk is not malware-like behavior; it is weakened security controls plus direct remote database/function actions without explicit approval boundaries.