supabase

Installation

Summary

Complete Supabase integration for database, auth, storage, and serverless functions within agent workflows.

Covers all Supabase products: Database (with RLS and migrations), Auth (sessions, JWT, cookies), Edge Functions, Realtime, Storage, Vectors, Cron, and Queues
Supports client libraries (supabase-js, @supabase/ssr) and SSR frameworks (Next.js, React, SvelteKit, Astro, Remix)
Includes CLI commands for schema management, migrations, and security audits; MCP server for direct database queries and advisor checks
Built-in security checklist covering auth token handling, RLS policies, view access control, and storage permissions

SKILL.md

Supabase

Core Principles

1. Supabase changes frequently — verify against changelog and current docs before implementing. Do not rely on training data for Supabase features. Function signatures, config.toml settings, and API conventions change between versions.

First, fetch https://supabase.com/changelog.md (a lightweight summary index — not a heavy pull), scan for breaking-change tags relevant to your task, and follow the linked page for any that apply. Then look up the relevant topic using the documentation access methods below.

2. Verify your work. After implementing any fix, run a test query to confirm the change works. A fix without verification is incomplete.

3. Recover from errors, don't loop. If an approach fails after 2-3 attempts, stop and reconsider. Try a different method, check documentation, inspect the error more carefully, and review relevant logs when available. Supabase issues are not always solved by retrying the same command, and the answer is not always in the logs, but logs are often worth checking before proceeding.

4. Exposing tables to the Data API: Depending on the user's Data API settings, newly created tables may not be automatically exposed via the Data (REST) API. If this is the case, anon and authenticated roles will need to be explicitly granted access.