Skip to main content

Supabase Developer

Enables developers to build full-stack applications using Supabase's features like authentication, real-time data, and serverless functions.

Install this skill

or
60/100

Security score

The Supabase Developer skill was audited on Feb 27, 2026 and we found 28 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 724

Template literal with variable interpolation in command context

SourceSKILL.md
724filter: `user_id=eq.${userId}`
medium line 103

Webhook reference - potential data exfiltration

SourceSKILL.md
103- Background jobs and webhooks
medium line 854

Webhook reference - potential data exfiltration

SourceSKILL.md
854#### 6.2 Database Webhooks
low line 857

Webhook reference - potential data exfiltration

SourceSKILL.md
857-- Send webhook on new post
low line 858

Webhook reference - potential data exfiltration

SourceSKILL.md
858CREATE OR REPLACE FUNCTION send_post_webhook()
low line 863

Webhook reference - potential data exfiltration

SourceSKILL.md
863url := 'https://your-api.com/webhook',
low line 878

Webhook reference - potential data exfiltration

SourceSKILL.md
878EXECUTE FUNCTION send_post_webhook();
low line 143

Access to .env file

SourceSKILL.md
143# .env.local
low line 155

Access to .env file

SourceSKILL.md
155const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL!
low line 156

Access to .env file

SourceSKILL.md
156const supabaseAnonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!
low line 169

Access to .env file

SourceSKILL.md
169process.env.NEXT_PUBLIC_SUPABASE_URL!,
low line 170

Access to .env file

SourceSKILL.md
170process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!
low line 182

Access to .env file

SourceSKILL.md
182process.env.NEXT_PUBLIC_SUPABASE_URL!,
low line 183

Access to .env file

SourceSKILL.md
183process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
low line 814

Access to .env file

SourceSKILL.md
814Deno.env.get('SUPABASE_URL') ?? '',
low line 815

Access to .env file

SourceSKILL.md
815Deno.env.get('SUPABASE_SERVICE_ROLE_KEY') ?? ''
low line 1155

Access to .env file

SourceSKILL.md
1155process.env.TEST_SUPABASE_URL!,
low line 1156

Access to .env file

SourceSKILL.md
1156process.env.TEST_SUPABASE_ANON_KEY!
low line 1420

Access to .env file

SourceSKILL.md
1420import.meta.env.VITE_SUPABASE_URL,
low line 1421

Access to .env file

SourceSKILL.md
1421import.meta.env.VITE_SUPABASE_ANON_KEY
low line 118

External URL reference

SourceSKILL.md
118# 1. Go to https://supabase.com
low line 144

External URL reference

SourceSKILL.md
144NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
low line 212

External URL reference

SourceSKILL.md
212emailRedirectTo: 'https://yourapp.com/auth/callback'
low line 246

External URL reference

SourceSKILL.md
246redirectTo: 'https://yourapp.com/auth/callback',
low line 268

External URL reference

SourceSKILL.md
268emailRedirectTo: 'https://yourapp.com/auth/callback'
low line 807

External URL reference

SourceSKILL.md
807import { serve } from 'https://deno.land/[email protected]/http/server.ts'
low line 808

External URL reference

SourceSKILL.md
808import { createClient } from 'https://esm.sh/@supabase/supabase-js@2'
low line 863

External URL reference

SourceSKILL.md
863url := 'https://your-api.com/webhook',
Scanned on Feb 27, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2
Rate this skill
Categorydevelopment
UpdatedMay 21, 2026
openclawbackenddatabaseapibackend-developerdata-engineerproduct-managersupabasedevelopmentproduct
diegosouzapw/awesome-omni-skill