Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

jawwadfirdousi/supabase

Name: supabase
Author: jawwadfirdousi

skills/supabase/SKILL.md

npx skillsauth add jawwadfirdousi/agent-skills supabase

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Supabase CLI

Interact with Supabase projects: queries and schema management.

When the user names a project and env, invoke with --project <project> --env <env>. The script loads skills/supabase/env/<project>-<env>.env automatically. If only one .env file exists in skills/supabase/env, --project and --env are optional.

If the script reports SUPABASE_URL not set or SUPABASE_ACCESS_TOKEN not set, the user has not completed setup. Ask them to follow skills/supabase/README.md.

Quick Commands

# SQL query (management API, returns results)
# Works without --project/--env only when skills/supabase/env has exactly one .env file
scripts/supabase.sh sql "SELECT * FROM users LIMIT 5"
scripts/supabase.sh sql --project my-project --env dev "SELECT * FROM users LIMIT 5"
scripts/supabase.sh sql --project my-project --env prod "SELECT * FROM users LIMIT 5"

# SQL file (management API)
scripts/supabase.sh sql-file ./migrations/001_init.sql
scripts/supabase.sh sql-file --project my-project --env dev ./migrations/001_init.sql

Commands Reference

sql - Run raw SQL via management API (returns results)

scripts/supabase.sh sql "<SQL>"
scripts/supabase.sh sql --project <project> --env <name> "<SQL>"
scripts/supabase.sh sql --env-file skills/supabase/env/<project>-<env>.env "<SQL>"

# Examples
scripts/supabase.sh sql "SELECT COUNT(*) FROM users"
scripts/supabase.sh sql "CREATE TABLE items (id serial primary key, name text)"
scripts/supabase.sh sql "SELECT * FROM users WHERE created_at > '2024-01-01'"
scripts/supabase.sh sql "INSERT INTO users (name, email) VALUES ('Alice', '[email protected]')"
scripts/supabase.sh sql "UPDATE users SET status = 'inactive' WHERE id = '123'"
scripts/supabase.sh sql "DELETE FROM sessions WHERE expires_at < now()"

sql-file - Run raw SQL from a file via management API

scripts/supabase.sh sql-file <path>
scripts/supabase.sh sql-file --project <project> --env <name> <path>
scripts/supabase.sh sql-file --env-file skills/supabase/env/<project>-<env>.env <path>

# Example
scripts/supabase.sh sql-file ./migrations/001_init.sql

Shared options

--project <name>   # Project name in skills/supabase/env/<project>-<env>.env
--env <name>       # Env name in skills/supabase/env/<project>-<env>.env
--env-file <path>  # Loads env file by path (absolute or repo-relative)

Env selection behavior

1) If --env-file is set -> load that file
2) Else if --project and --env are set -> load skills/supabase/env/<project>-<env>.env
3) Else if skills/supabase/env has exactly one .env file -> load it (project/env not required)
4) Else if skills/supabase/env has multiple .env files -> require --project + --env, or --env-file
5) Else fallback to existing .env.supabase* behavior

Common Operations via sql/sql-file

DDL (schema changes)

# Create table
scripts/supabase.sh sql "CREATE TABLE public.items (id uuid PRIMARY KEY DEFAULT gen_random_uuid(), name text NOT NULL);"

# Alter table
scripts/supabase.sh sql "ALTER TABLE public.items ADD COLUMN created_at timestamptz NOT NULL DEFAULT now();"

# Drop table
scripts/supabase.sh sql "DROP TABLE public.items;"

# Enable extension
scripts/supabase.sh sql "CREATE EXTENSION IF NOT EXISTS vector;"

Views

scripts/supabase.sh sql "CREATE OR REPLACE VIEW public.active_items AS SELECT * FROM public.items WHERE deleted_at IS NULL;"

Functions / RPC

scripts/supabase.sh sql "CREATE OR REPLACE FUNCTION public.ping() RETURNS text LANGUAGE sql AS $$ SELECT 'ok'::text; $$;"
scripts/supabase.sh sql "GRANT EXECUTE ON FUNCTION public.ping() TO authenticated;"

Triggers

scripts/supabase.sh sql "CREATE OR REPLACE FUNCTION public.set_updated_at() RETURNS trigger LANGUAGE plpgsql AS $$ BEGIN NEW.updated_at = now(); RETURN NEW; END; $$;"
scripts/supabase.sh sql "CREATE TRIGGER items_set_updated_at BEFORE UPDATE ON public.items FOR EACH ROW EXECUTE FUNCTION public.set_updated_at();"

RLS (Row Level Security)

# Enable RLS
scripts/supabase.sh sql "ALTER TABLE public.items ENABLE ROW LEVEL SECURITY;"

# Example policy (owners can read)
scripts/supabase.sh sql "CREATE POLICY \"items_read_own\" ON public.items FOR SELECT TO authenticated USING (owner_id = auth.uid());"

# Example policy (owners can write)
scripts/supabase.sh sql "CREATE POLICY \"items_write_own\" ON public.items FOR INSERT TO authenticated WITH CHECK (owner_id = auth.uid());"

Storage Buckets (metadata only; file upload uses Storage API)

# Create bucket
scripts/supabase.sh sql "INSERT INTO storage.buckets (id, name, public) VALUES ('payment-proofs', 'payment-proofs', false);"

# Toggle public
scripts/supabase.sh sql "UPDATE storage.buckets SET public = true WHERE id = 'payment-proofs';"

# Delete bucket metadata (does not delete files)
scripts/supabase.sh sql "DELETE FROM storage.buckets WHERE id = 'payment-proofs';"

Storage RLS Policies

# Enable RLS (if not already enabled)
scripts/supabase.sh sql "ALTER TABLE storage.objects ENABLE ROW LEVEL SECURITY;"

# Allow authenticated users to read from a specific bucket
scripts/supabase.sh sql "CREATE POLICY \"read_payment_proofs\" ON storage.objects FOR SELECT TO authenticated USING (bucket_id = 'payment-proofs');"

# Allow authenticated users to upload to a specific bucket
scripts/supabase.sh sql "CREATE POLICY \"write_payment_proofs\" ON storage.objects FOR INSERT TO authenticated WITH CHECK (bucket_id = 'payment-proofs');"

Introspection / Debugging

# List public tables
scripts/supabase.sh sql "SELECT table_name FROM information_schema.tables WHERE table_schema = 'public' ORDER BY table_name;"

# List columns for a table
scripts/supabase.sh sql "SELECT column_name, data_type, is_nullable, column_default FROM information_schema.columns WHERE table_schema = 'public' AND table_name = 'items' ORDER BY ordinal_position;"

# Show policies
scripts/supabase.sh sql "SELECT schemaname, tablename, policyname, roles, cmd, qual, with_check FROM pg_policies ORDER BY schemaname, tablename, policyname;"

Notes

sql / sql-file run with management API privileges; treat like admin access

jawwadfirdousi/supabase

skills/supabase/SKILL.md

Run Supabase Management API SQL for persistent data tasks such as querying records, applying schema changes, managing policies, and handling storage metadata. Use when requests involve Supabase database CRUD, migrations, or production-like data inspection.

10 stars

development

Updated May 6, 2026

$ install --global

skillsauth

npx skillsauth add jawwadfirdousi/agent-skills supabase

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 6, 2026, 8:15 AM161.0s4 files scanned

SKILL.md

name:: supabase
description:: Run Supabase Management API SQL for persistent data tasks such as querying records, applying schema changes, managing policies, and handling storage metadata. Use when requests involve Supabase database CRUD, migrations, or production-like data inspection.
author:: supabase
version:: 1.0
priority:: critical
compatibility:: Requires network access to Supabase API.

Supabase CLI

Interact with Supabase projects: queries and schema management.

If the script reports SUPABASE_URL not set or SUPABASE_ACCESS_TOKEN not set, the user has not completed setup. Ask them to follow skills/supabase/README.md.

Quick Commands

# SQL query (management API, returns results)
# Works without --project/--env only when skills/supabase/env has exactly one .env file
scripts/supabase.sh sql "SELECT * FROM users LIMIT 5"
scripts/supabase.sh sql --project my-project --env dev "SELECT * FROM users LIMIT 5"
scripts/supabase.sh sql --project my-project --env prod "SELECT * FROM users LIMIT 5"

# SQL file (management API)
scripts/supabase.sh sql-file ./migrations/001_init.sql
scripts/supabase.sh sql-file --project my-project --env dev ./migrations/001_init.sql

Commands Reference

sql - Run raw SQL via management API (returns results)

scripts/supabase.sh sql "<SQL>"
scripts/supabase.sh sql --project <project> --env <name> "<SQL>"
scripts/supabase.sh sql --env-file skills/supabase/env/<project>-<env>.env "<SQL>"

# Examples
scripts/supabase.sh sql "SELECT COUNT(*) FROM users"
scripts/supabase.sh sql "CREATE TABLE items (id serial primary key, name text)"
scripts/supabase.sh sql "SELECT * FROM users WHERE created_at > '2024-01-01'"
scripts/supabase.sh sql "INSERT INTO users (name, email) VALUES ('Alice', '[email protected]')"
scripts/supabase.sh sql "UPDATE users SET status = 'inactive' WHERE id = '123'"
scripts/supabase.sh sql "DELETE FROM sessions WHERE expires_at < now()"

sql-file - Run raw SQL from a file via management API

scripts/supabase.sh sql-file <path>
scripts/supabase.sh sql-file --project <project> --env <name> <path>
scripts/supabase.sh sql-file --env-file skills/supabase/env/<project>-<env>.env <path>

# Example
scripts/supabase.sh sql-file ./migrations/001_init.sql

Shared options

--project <name>   # Project name in skills/supabase/env/<project>-<env>.env
--env <name>       # Env name in skills/supabase/env/<project>-<env>.env
--env-file <path>  # Loads env file by path (absolute or repo-relative)

Env selection behavior

1) If --env-file is set -> load that file
2) Else if --project and --env are set -> load skills/supabase/env/<project>-<env>.env
3) Else if skills/supabase/env has exactly one .env file -> load it (project/env not required)
4) Else if skills/supabase/env has multiple .env files -> require --project + --env, or --env-file
5) Else fallback to existing .env.supabase* behavior

Common Operations via sql/sql-file

DDL (schema changes)

# Create table
scripts/supabase.sh sql "CREATE TABLE public.items (id uuid PRIMARY KEY DEFAULT gen_random_uuid(), name text NOT NULL);"

# Alter table
scripts/supabase.sh sql "ALTER TABLE public.items ADD COLUMN created_at timestamptz NOT NULL DEFAULT now();"

# Drop table
scripts/supabase.sh sql "DROP TABLE public.items;"

# Enable extension
scripts/supabase.sh sql "CREATE EXTENSION IF NOT EXISTS vector;"

Views

scripts/supabase.sh sql "CREATE OR REPLACE VIEW public.active_items AS SELECT * FROM public.items WHERE deleted_at IS NULL;"

Functions / RPC

scripts/supabase.sh sql "CREATE OR REPLACE FUNCTION public.ping() RETURNS text LANGUAGE sql AS $$ SELECT 'ok'::text; $$;"
scripts/supabase.sh sql "GRANT EXECUTE ON FUNCTION public.ping() TO authenticated;"

Triggers

scripts/supabase.sh sql "CREATE OR REPLACE FUNCTION public.set_updated_at() RETURNS trigger LANGUAGE plpgsql AS $$ BEGIN NEW.updated_at = now(); RETURN NEW; END; $$;"
scripts/supabase.sh sql "CREATE TRIGGER items_set_updated_at BEFORE UPDATE ON public.items FOR EACH ROW EXECUTE FUNCTION public.set_updated_at();"

RLS (Row Level Security)

# Enable RLS
scripts/supabase.sh sql "ALTER TABLE public.items ENABLE ROW LEVEL SECURITY;"

# Example policy (owners can read)
scripts/supabase.sh sql "CREATE POLICY \"items_read_own\" ON public.items FOR SELECT TO authenticated USING (owner_id = auth.uid());"

# Example policy (owners can write)
scripts/supabase.sh sql "CREATE POLICY \"items_write_own\" ON public.items FOR INSERT TO authenticated WITH CHECK (owner_id = auth.uid());"

Storage Buckets (metadata only; file upload uses Storage API)

# Create bucket
scripts/supabase.sh sql "INSERT INTO storage.buckets (id, name, public) VALUES ('payment-proofs', 'payment-proofs', false);"

# Toggle public
scripts/supabase.sh sql "UPDATE storage.buckets SET public = true WHERE id = 'payment-proofs';"

# Delete bucket metadata (does not delete files)
scripts/supabase.sh sql "DELETE FROM storage.buckets WHERE id = 'payment-proofs';"

Storage RLS Policies

# Enable RLS (if not already enabled)
scripts/supabase.sh sql "ALTER TABLE storage.objects ENABLE ROW LEVEL SECURITY;"

# Allow authenticated users to read from a specific bucket
scripts/supabase.sh sql "CREATE POLICY \"read_payment_proofs\" ON storage.objects FOR SELECT TO authenticated USING (bucket_id = 'payment-proofs');"

# Allow authenticated users to upload to a specific bucket
scripts/supabase.sh sql "CREATE POLICY \"write_payment_proofs\" ON storage.objects FOR INSERT TO authenticated WITH CHECK (bucket_id = 'payment-proofs');"

Introspection / Debugging

# List public tables
scripts/supabase.sh sql "SELECT table_name FROM information_schema.tables WHERE table_schema = 'public' ORDER BY table_name;"

# List columns for a table
scripts/supabase.sh sql "SELECT column_name, data_type, is_nullable, column_default FROM information_schema.columns WHERE table_schema = 'public' AND table_name = 'items' ORDER BY ordinal_position;"

# Show policies
scripts/supabase.sh sql "SELECT schemaname, tablename, policyname, roles, cmd, qual, with_check FROM pg_policies ORDER BY schemaname, tablename, policyname;"

Notes

sql / sql-file run with management API privileges; treat like admin access

Related Skills

jawwadfirdousi/trello

development

VerifiedTrustedCommunity

Manage Trello boards, lists, and cards via the Trello REST API.

10SKILL.mdUpdated May 29, 2026

jawwadfirdousi/trello

jawwadfirdousi/svg-creator

development

VerifiedTrustedCommunity

create, edit, review, validate, and package high-quality svg graphics, icons, illustrations, diagrams, logos, charts, patterns, and inline svg code. use when the user asks to make a beautiful svg, generate an .svg file, fix or optimize svg markup, convert a visual concept into svg, design an icon system, or verify svg accessibility, safety, path data, viewbox, gradients, masks, filters, and browser-safe rendering.

10SKILL.mdUpdated May 29, 2026

jawwadfirdousi/svg-creator