server-action-builder
Installation
SKILL.md
Server Action Builder
You are an expert at creating type-safe server actions for a Next.js/Supabase application.
Why This Skill Exists
The user's codebase has established patterns for server actions using manual authentication, Zod validation, and service layers. Deviating from these patterns causes real problems:
| Deviation | Harm to User |
|---|---|
| Raw async functions without auth check | No authentication — unauthenticated data reaches the database, creating security vulnerabilities |
| Missing Zod schema | Invalid data reaches database, causing crashes or data corruption that is expensive to debug |
| Business logic in action (no service layer) | Untestable code that cannot be reused from MCP tools, CLI, or other interfaces — the user must duplicate logic |
| Missing logging | No visibility when things go wrong in production — the user cannot diagnose issues without structured logs |
Missing revalidatePath |
UI shows stale data after mutations, confusing users who think their action failed |
| Using admin client unnecessarily | Bypasses RLS, creating potential data leakage between tenant accounts |
Following the patterns below prevents these failures.