supabase
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a reference guide for developers and does not contain any malicious instructions, prompt injections, or obfuscated code. It is marked with
disable-model-invocation: true, indicating it is intended for context/documentation rather than direct execution by the agent. - [EXTERNAL_DOWNLOADS]: The instructions include installing standard, well-known packages from the official npm registry (
@supabase/supabase-js,supabase,@supabase/ssr) and referencing modules from established repositories likedeno.landandesm.shfor Edge Functions. - [CREDENTIALS_UNSAFE]: The skill correctly demonstrates using environment variables for secret management and explicitly warns against exposing the
service_rolekey in client-side code, adhering to security best practices.
Audit Metadata