supabase-js
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill primarily serves as a documentation reference for the @supabase/supabase-js library.
- [EXTERNAL_DOWNLOADS]: The skill and its references mention downloading official packages from npm (e.g., @supabase/supabase-js) and fetching assets from Supabase's official GitHub repository. These are well-known and trusted sources.
- [CREDENTIALS_UNSAFE]: While the skill discusses authentication and database access, it correctly uses placeholders (like 'public-anon-key', '<anon_key>', or 'SUPABASE_SERVICE_ROLE_KEY') and instructs users to manage secrets via environment variables or secure server-side configurations.
Audit Metadata