jang4360/.agents/skills/supabase-rls-standard
.agents/skills/supabase-rls-standard/SKILL.md
# Skill: supabase-rls-standard ## Purpose Apply standardized Row-Level Security policies. ## Triggers - Creating new tables - Modifying ownership rules - Introducing role-based access ## Canonical References - SECURITY_CHECKLIST.md (RLS section) - AGENTS.md ## Responsibilities - Ensure RLS is enabled - Apply ownership + role override template - Index policy columns ## Implementation Steps 1. Enable RLS on new tables. 2. Create SELECT/INSERT/UPDATE/DELETE policies. 3. Use ownership pattern:
testing
Updated Apr 6, 2026
$ install --global
skillsauthnpx skillsauth add jang4360/historychat .agents/skills/supabase-rls-standardInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 6, 2026, 2:14 AM10.3s1 file scanned
SKILL.md
Skill: supabase-rls-standard
Purpose
Apply standardized Row-Level Security policies.
Triggers
- Creating new tables
- Modifying ownership rules
- Introducing role-based access
Canonical References
- SECURITY_CHECKLIST.md (RLS section)
- AGENTS.md
Responsibilities
- Ensure RLS is enabled
- Apply ownership + role override template
- Index policy columns
Implementation Steps
- Enable RLS on new tables.
- Create SELECT/INSERT/UPDATE/DELETE policies.
- Use ownership pattern: owner_id = auth.uid()
- Add admin/support override if required.
- Add index on owner_id or policy columns.
Required Artifacts
- supabase/migrations/*.sql
Verification
- RLS smoke test passes
- Unauthorized user cannot access foreign rows
Related Skills
jang4360/.agents/skills/testing-vitest-playwright
development
VerifiedTrustedCommunity
# Skill: testing-vitest-playwright ## Purpose Ensure test coverage for route handlers and critical flows. ## Triggers - New API route - Billing logic - Auth changes ## Responsibilities - Unit test core logic - Test webhook idempotency - Test auth guards ## Implementation Steps 1. Write unit test for business logic. 2. Mock webhook replay scenario. 3. Test unauthorized access case. ## Required Artifacts - tests/*
SKILL.mdUpdated Apr 6, 2026
jang4360/.agents/skills/systematic-debugging
development
VerifiedTrustedCommunity
# Skill: systematic-debugging ## Purpose Enforce structured debugging workflow. ## Triggers - Production bug - CI failure - Billing mismatch ## Responsibilities - Reproduce - Identify root cause - Patch - Add regression test ## Implementation Steps 1. Reproduce issue locally. 2. Add failing test. 3. Fix. 4. Confirm test passes.
SKILL.mdUpdated Apr 6, 2026
jang4360/.agents/skills/supabase-auth-ssr-session
tools
VerifiedTrustedCommunity
# Skill: supabase-auth-ssr-session ## Purpose Implement SSR-based authentication using Supabase with secure cookie handling. ## Triggers - Adding login/logout - Protecting routes - Accessing user session server-side ## Canonical References - AGENTS.md - SECURITY_CHECKLIST.md (Auth section) ## Responsibilities - Create browser and server Supabase clients - Enforce cookie-based session flow - Protect admin routes ## Implementation Steps 1. Create `createBrowserClient` and `createServerClient`
SKILL.mdUpdated Apr 6, 2026
jang4360/.agents/skills/security-headers-csp
testing
VerifiedTrustedCommunity
# Skill: security-headers-csp ## Purpose Apply secure HTTP headers and Content Security Policy. ## Triggers - Deploying to Vercel - Introducing third-party scripts - Hardening production ## Canonical References - SECURITY_CHECKLIST.md ## Responsibilities - Configure CSP (Report-Only first) - Add security headers ## Implementation Steps 1. Configure next.config headers. 2. Add CSP header. 3. Use Report-Only mode initially. 4. Monitor violations. ## Required Artifacts - next.config.js ## Ve
SKILL.mdUpdated Apr 6, 2026