- Home
- Skills
- Jeremylongshore
- Claude Code Plugins Plus Skills
- Supabase Known Pitfalls
supabase-known-pitfalls_skill
- Python
1.4k
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill jeremylongshore/claude-code-plugins-plus-skills --skill supabase-known-pitfalls- SKILL.md1.5 KB
Overview
This skill identifies and helps you avoid common Supabase anti-patterns and integration mistakes. It focuses on security, performance, and maintainability issues found in Supabase-backed applications. Use it to review code, guide onboarding, or audit existing integrations to reduce bugs and operational risk.
How this skill works
The skill scans Supabase client/server interactions and async patterns to detect known pitfalls such as insecure row-level policies, improper auth handling, and expensive queries. It prioritizes findings by severity, recommends concrete fixes, and suggests preventive measures like lint rules and CI checks. Results include a prioritized remediation plan and code-level suggestions for replacing anti-patterns with recommended approaches.
When to use it
- During code reviews of Supabase integrations
- When onboarding new developers to a Supabase codebase
- Before deploying features that interact with the database
- As part of a security or performance audit
- When consolidating or refactoring Supabase usage patterns
Best practices
- Prioritize authorization and row-level security issues before performance fixes
- Avoid client-side secrets and enforce server-side role checks
- Use pagination, index-aware queries, and RPC for heavy read/write paths
- Prefer single-source-of-truth patterns for auth tokens and session handling
- Add linting and CI tests that detect forbidden patterns and insecure configurations
- Document allowed Supabase flows and common replacements for anti-patterns
Example use cases
- Audit a repo to find missing row-level security (RLS) rules and suggest policy fixes
- Detect overfetching UI queries and recommend pagination or RPC endpoints
- Flag usage of service_role keys in client code and show secure server-side alternatives
- Create CI checks that fail builds when insecure environment variables or patterns are detected
- Onboard a new engineer with a targeted checklist of Supabase do/don't items for the project
FAQ
It prioritizes security issues first (auth, RLS, secrets), then performance and maintainability issues.
Does it provide code fixes or just reports?
It provides actionable remediation steps and recommended code patterns; you can apply fixes manually or integrate them into your workflow.