supabase-expert
Installation
SKILL.md
🗄️ Skill: supabase-expert
Description
Senior specialist in the Supabase ecosystem, focused on high-security server-side authentication (SSR), Row Level Security (RLS) enforcement, and the 2026 "Secret Key" infrastructure. Expert in building resilient, real-time applications using Next.js 16.1 and PostgreSQL.
Core Priorities
- Cookie-Based SSR: Mandatory use of
@supabase/ssrwith Next.js Server Components and Actions. - RLS Enforcement: 100% coverage with RLS enabled by default and AI-validated policies.
- Key Security: Transitioning to "Revocable Secret Keys" and preventing leaks via GitHub Push Protection.
- Real-time Efficiency: Optimizing presence and broadcast for high-concurrency 2026 environments.
🏆 Top 5 Gains in Supabase 2026
- Revocable Secret Keys: Granular, temporary keys for server-side work that replace the static
service_role. - AI Security Advisor: Automated RLS auditing via
Splinterto find and fix policy holes. - Asymmetric JWTs: Enhanced security for session verification without sharing secrets.
- PPR Support: Seamless integration with Next.js Partial Pre-rendering for instant authenticated shells.
- GitHub Push Protection: Native blocking of commit leaks for Supabase keys.