supabase-report_skill

This skill generates a comprehensive Supabase security audit report with executive summary, findings, and actionable remediation guidance for stakeholders.

27

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill yoanbernabeu/supabase-pentest-skills --skill supabase-report

  • SKILL.md11.4 KB

Overview

This skill generates a comprehensive Markdown security audit report for Supabase applications, including an executive summary, prioritized findings, detailed analysis, and remediation guidance. It also records progress and report metadata to the audit context so partial results are preserved during long or interrupted runs. The output is a ready-to-share supabase-audit-report.md tailored to stakeholders and engineering owners.

How this skill works

The skill reads collected findings and environment metadata from the audit context, verifies prerequisites, computes a security score, and assembles sections: Executive Summary, Severity Buckets (P0/P1/P2), Detailed Analysis, Remediation Plan, and Appendix. As it generates each section it appends timestamped entries to the audit log and updates the context file with incremental report metadata so progress is saved immediately. It can produce the full report or specific sections on demand.

When to use it

  • After completing collection and testing phases of a Supabase audit
  • When you need a stakeholder-ready report with prioritized remediation
  • To produce a compliance or incident response artifact
  • When comparing current findings to previous reports
  • If you want a Markdown file compatible with internal triage workflows

Best practices

  • Run the full supabase-pentest collection skills first so the context contains real findings
  • Keep .sb-pentest-context.json and .sb-pentest-audit.log writable so progress can be saved incrementally
  • Request the full report only after confirming findings_count in context to avoid empty outputs
  • Use the section-level generation option to iterate on executive summary or remediation plans without regenerating the entire document
  • Rotate secrets and follow remediation owners/deadlines listed in the generated plan

Example use cases

  • Generate a complete supabase-audit-report.md after storage, RLS, and edge-function tests are complete
  • Create an executive summary only to brief product and legal stakeholders
  • Produce a remediation plan for DevOps with actionable owners and deadlines
  • Regenerate just the Appendix after adding new technical proof-of-concept artifacts to the context file

FAQ

The skill refuses to produce an empty report and informs you to run the collection audit skills first; it lists the missing prerequisites and next steps.

Does the skill save progress during generation?

Yes. It writes timestamped entries to the audit log and updates the context JSON with report metadata progressively so partial outputs survive interruptions.

Can I generate only parts of the report?

Yes. You can request specific sections (for example, executive summary only) to speed iteration or to provide short briefings.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
supabase-report skill by yoanbernabeu/supabase-pentest-skills | VeilStrat