database-security
Security Audit
Database security auditor specialized in Row Level Security (RLS) enforcement, Zero-Trust database architecture, and forensic audit trails. Focuses on Supabase, Postgres, and Convex data layer security. For general application security (OWASP Top 10, auth patterns, security headers, input validation), use the security skill instead.
Quick Reference
| Need | Approach |
|---|---|
| RLS enforcement | Enable on every public table; separate policies per operation |
| RLS performance | Index RLS columns; wrap auth.uid() in (select ...) subselect |
| Zero-Trust DB | Micro-segmentation, identity propagation, TLS enforcement |
| Supabase auth in RLS | Use (select auth.uid()) and auth.jwt(); never auth.role() |
| Convex auth guards | Call ctx.auth.getUserIdentity() in every public function |
| JIT access | Time-bound grants that expire automatically |
| Audit trails | Database triggers with immutable audit_log table |
| PGAudit | Extension for statement-level and object-level SQL auditing |
| Service role safety | Never use service_role key in client-side code |
| Views and RLS | Use security_invoker = true (Postgres 15+) to enforce RLS |
| Schema segmentation | Separate public, private, and audit schemas |
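
The RLS rows of the table above, applied to a single table. This is an added example, not code from the skill itself. The `public.documents` table, its columns, and the policy, index and view names are assumptions for illustration; `auth.uid()` is the Supabase helper named in the table.

```sql
-- Hypothetical table for illustration (names are assumptions, not from the skill).
create table public.documents (
  id       uuid primary key default gen_random_uuid(),
  owner_id uuid not null,
  title    text not null
);

-- RLS enforcement: enable on every public table.
alter table public.documents enable row level security;

-- RLS performance: index the column the policies filter on.
create index documents_owner_id_idx on public.documents (owner_id);

-- One policy per operation. The role is scoped with TO instead of auth.role(),
-- and auth.uid() sits in a subselect so it is evaluated once per statement.
create policy documents_select on public.documents
  for select to authenticated
  using ((select auth.uid()) = owner_id);

create policy documents_insert on public.documents
  for insert to authenticated
  with check ((select auth.uid()) = owner_id);

create policy documents_update on public.documents
  for update to authenticated
  using ((select auth.uid()) = owner_id)
  with check ((select auth.uid()) = owner_id);

create policy documents_delete on public.documents
  for delete to authenticated
  using ((select auth.uid()) = owner_id);

-- Views and RLS: by default a view runs with its owner's privileges, so the
-- base table's RLS is checked for the owner. security_invoker (Postgres 15+) checks the caller.
create view public.document_titles
  with (security_invoker = true) as
  select id, title from public.documents;

-- Audit check: ordinary tables in the public schema that still have RLS disabled.
select c.relname
from pg_class c
join pg_namespace n on n.oid = c.relnamespace
where n.nspname = 'public'
  and c.relkind = 'r'
  and not c.relrowsecurity;
```

The final query should return no rows once every public table has RLS enabled.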