- Home
- Skills
- Busirocket
- Agents Skills
- Busirocket Supabase Boundaries
busirocket-supabase-boundaries_skill
0
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill busirocket/agents-skills --skill busirocket-supabase-boundaries- SKILL.md1.5 KB
Overview
This skill defines service boundary patterns for projects that use Supabase. It enforces centralized Supabase access in small, typed service wrappers and prevents direct Supabase calls from UI, hooks, utilities, or route handlers. The goal is safer, easier-to-test, and more maintainable data access across TypeScript, React, Next.js, Rust, and Tauri codebases.
How this skill works
The skill inspects code for direct imports or calls to the Supabase client outside designated service modules and flags violations. It requires a single client module and dedicated services/supabase/* wrappers that expose focused, typed functions. Each rule includes clear examples of correct and incorrect patterns and recommends where to place the Supabase client and service wrappers.
When to use it
- When adding or refactoring database access in a Supabase project
- When enforcing architecture or security boundaries for server and client code
- When creating typed service layers for unit testing and dependency injection
- When auditing code to remove scattered Supabase imports and improve maintainability
- When onboarding contributors to a codebase that must follow consistent access patterns
Best practices
- Never import @supabase/supabase-js outside a single client module and service wrappers
- Centralize all Supabase interactions in services/supabase/* and keep functions small and focused
- Type inputs and outputs for every wrapper function to make tests and refactors safer
- Avoid exposing raw Supabase client instances; return only domain-relevant data or helper functions
- Use service wrappers to encapsulate auth, RBAC, and policy logic rather than sprinkling checks across components
Example use cases
- Refactoring a Next.js app so components call services/users.getProfile() instead of using the Supabase client directly
- Adding unit tests by mocking service wrapper functions rather than stubbing the Supabase client
- Creating a single lib/supabase.ts client and multiple small service modules (e.g., services/supabase/posts.ts)
- Auditing a mixed codebase to locate and remove direct Supabase imports from route handlers and hooks
- Implementing server-side access controls inside service wrappers so UI code only receives sanitized results
FAQ
Scattered imports make it hard to change authentication, add logging, mock data for tests, and enforce access policies. A single client and service layer centralize these concerns.
What belongs in a service wrapper versus a component?
Data fetching, permission checks, and transformations belong in service wrappers. Components should only call wrapper functions and render results.