supabase-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes examples that place secrets directly in commands (e.g., --db-password , supabase secrets set KEY=value, and login with an access token), which would require the agent to handle or emit secret values verbatim if it composes those commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes SSO management (listed in SKILL.md under "Project management") and the examples (references/examples.yaml and sso example entries) show supabase sso add --metadata-url 'https://...' and --metadata-file usage, which causes the CLI to fetch and parse arbitrary external SAML metadata (untrusted third-party content) that is read and used to configure behavior—so remote content can materially influence actions.