supabase-best-practices
π‘ Summary
A skill providing comprehensive security and performance guidelines for Supabase with Clerk authentication integration.
π― Target Audience
π€ AI Roast: βPowerful, but the setup might scare off the impatient.β
Risk: Medium. Review: shell/CLI command execution; outbound network access (SSRF, data egress). Run with least privilege and audit before enabling in production.
Supabase Best Practices
A comprehensive skill for AI coding agents providing Supabase security and performance guidelines with Clerk authentication integration.
Installation
npx add-skill pedrobarretocw/supabase-best-practices
Installation Options
# Global installation (available in all projects) npx add-skill pedrobarretocw/supabase-best-practices --global # Project-specific installation npx add-skill pedrobarretocw/supabase-best-practices
What's Included
- 40+ Rules across 10 categories
- RLS Best Practices with performance benchmarks (up to 99.99% improvement)
- Clerk Integration following official recommendations (as of 2025)
- Security Patterns for production applications
- Comprehensive Guidelines document with all rules expanded
Categories
| Priority | Category | Impact | Rules | |----------|----------|--------|-------| | 1 | Row Level Security | CRITICAL | 8 | | 2 | Clerk Integration | CRITICAL | 7 | | 3 | Database Security | HIGH | 6 | | 4 | Authentication Patterns | HIGH | 4 | | 5 | API Security | HIGH | 3 | | 6 | Storage Security | MEDIUM-HIGH | 3 | | 7 | Realtime Security | MEDIUM | 3 | | 8 | Edge Functions | MEDIUM | 3 | | 9 | Testing | MEDIUM | 3 | | 10 | Security | MEDIUM | 2 |
Supported Platforms
| Platform | Support | |----------|---------| | Claude Code | Full | | OpenCode | Full | | Cursor | Full | | GitHub Copilot | Full | | Roo Code | Full |
Quick Start
After installation, the skill provides guidelines for:
- Setting up a new Supabase project
- Integrating Clerk authentication
- Writing Row Level Security policies
- Designing database schemas
- Implementing real-time features
- Reviewing code for security issues
Key RLS Performance Benchmarks
Based on Supabase RLS Performance Tests:
| Optimization | Improvement | |-------------|-------------| | Add indexes | 99.94% | | Wrap with SELECT | 94.97% | | Security definer | 99.993% | | Fix joins | 99.78% | | Specify TO role | 99.78% |
File Structure
supabase-best-practices/
βββ SKILL.md # Main skill file
βββ README.md # This file
βββ LICENSE # MIT License
βββ references/
βββ supabase-guidelines.md # Complete guide
βββ rules/
βββ rls-*.md # RLS rules
βββ clerk-*.md # Clerk integration rules
βββ db-*.md # Database security rules
βββ auth-*.md # Authentication rules
βββ api-*.md # API security rules
βββ storage-*.md # Storage rules
βββ realtime-*.md # Realtime rules
βββ edge-*.md # Edge Functions rules
βββ test-*.md # Testing rules
βββ security-*.md # Security rules
References
- Supabase RLS Guide
- Supabase + Clerk Integration
- Clerk Supabase Integration
- RLS Performance Discussion
License
MIT
Pros
- Comprehensive guidelines across multiple categories.
- Integration with Clerk for enhanced security.
- Performance benchmarks for Row Level Security.
- Supports multiple coding platforms.
Cons
- May require familiarity with Supabase.
- Complexity may overwhelm beginners.
- Limited to Supabase and Clerk integration.
- Performance benchmarks may vary by use case.
Related Skills
pytorch
SβIt's the Swiss Army knife of deep learning, but good luck figuring out which of the 47 installation methods is the one that won't break your system.β
agno
SβIt promises to be the Kubernetes for agents, but let's see if developers have the patience to learn yet another orchestration layer.β
nuxt-skills
SβIt's essentially a well-organized cheat sheet that turns your AI assistant into a Nuxt framework parrot.β
Disclaimer: This content is sourced from GitHub open source projects for display and rating purposes only.
Copyright belongs to the original author pedrobarretocw.