edge-function-new
Creates and deploys Supabase Edge Functions using Deno, enabling serverless execution with TypeScript/JavaScript support.
Install this skill
Security score
The edge-function-new skill was audited on Feb 9, 2026 and we found 16 security issues across 4 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 122 | headers: { 'Authorization': `Bearer ${apiKey}` } |
Template literal with variable interpolation in command context
| 169 | `${SUPABASE_URL}/functions/v1/function-name`, |
Template literal with variable interpolation in command context
| 173 | 'Authorization': `Bearer ${SUPABASE_ANON_KEY}`, |
Curl to non-GitHub URL
| 139 | # Test with curl |
Fetch to external URL
| 121 | const response = await fetch('https://api.example.com/data', { |
Webhook reference - potential data exfiltration
| 97 | **Webhook Handler** |
Webhook reference - potential data exfiltration
| 101 | // Verify webhook signature |
Access to .env file
| 45 | Deno.env.get('SUPABASE_URL') ?? '', |
Access to .env file
| 46 | Deno.env.get('SUPABASE_ANON_KEY') ?? '', |
Access to .env file
| 120 | const apiKey = Deno.env.get('THIRD_PARTY_API_KEY') |
Access to .env file
| 212 | echo "API_KEY=secret" > supabase/functions/.env |
Access to .env file
| 218 | const apiKey = Deno.env.get('API_KEY') |
External URL reference
| 35 | import { serve } from 'https://deno.land/[email protected]/http/server.ts' |
External URL reference
| 36 | import { createClient } from 'https://esm.sh/@supabase/supabase-js@2' |
External URL reference
| 121 | const response = await fetch('https://api.example.com/data', { |
External URL reference
| 140 | curl -X POST http://localhost:54321/functions/v1/function-name \ |