Co-Pilot / Assistive
Updated a month ago

supabase-best-practices

pedrobarretocw/supabase-best-practices
Agent score: 82

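💡 Summary

A skill that provides comprehensive security and performance guidelines for Supabase, with Clerk authentication integration.

🎯 Target audience

Supabase developers, security engineers, database administrators, DevOps professionals, technical project managers

🤖 AI roast: Looks capable, but don't let the configuration scare people off.

Security analysis: Medium risk

Risk: Medium. Recommended checks: whether it executes shell/command-line instructions; whether it makes outbound network requests (SSRF/data exfiltration). Run with least privilege, and audit the code and dependencies before enabling it in production.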

Supabase Best Practices

A comprehensive skill for AI coding agents providing Supabase security and performance guidelines with Clerk authentication integration.

Installation

npx add-skill pedrobarretocw/supabase-best-practices

Installation Options

# Global installation (available in all projects)
npx add-skill pedrobarretocw/supabase-best-practices --global

# Project-specific installation
npx add-skill pedrobarretocw/supabase-best-practices

What's Included

  • 40+ Rules across 10 categories
  • RLS Best Practices with performance benchmarks (up to 99.99% improvement)
  • Clerk Integration following official recommendations (as of 2025)
  • Security Patterns for production applications
  • Comprehensive Guidelines document with all rules expanded

Categories

| Priority | Category | Impact | Rules |
|----------|----------|--------|-------|
| 1 | Row Level Security | CRITICAL | 8 |
| 2 | Clerk Integration | CRITICAL | 7 |
| 3 | Database Security | HIGH | 6 |
| 4 | Authentication Patterns | HIGH | 4 |
| 5 | API Security | HIGH | 3 |
| 6 | Storage Security | MEDIUM-HIGH | 3 |
| 7 | Realtime Security | MEDIUM | 3 |
| 8 | Edge Functions | MEDIUM | 3 |
| 9 | Testing | MEDIUM | 3 |
| 10 | Security | MEDIUM | 2 |

Supported Platforms

| Platform | Support |
|----------|---------|
| Claude Code | Full |
| OpenCode | Full |
| Cursor | Full |
| GitHub Copilot | Full |
| Roo Code | Full |

Quick Start

After installation, the skill provides guidelines for:

  • Setting up a new Supabase project
  • Integrating Clerk authentication
  • Writing Row Level Security policies
  • Designing database schemas
  • Implementing real-time features
  • Reviewing code for security issues

Key RLS Performance Benchmarks

Based on Supabase RLS Performance Tests:

| Optimization | Improvement |
|-------------|-------------|
| Add indexes | 99.94% |
| Wrap with SELECT | 94.97% |
| Security definer | 99.993% |
| Fix joins | 99.78% |
| Specify TO role | 99.78% |

File Structure

supabase-best-practices/
├── SKILL.md                    # Main skill file
├── README.md                   # This file
├── LICENSE                     # MIT License
└── references/
    ├── supabase-guidelines.md  # Complete guide
    └── rules/
        ├── rls-*.md            # RLS rules
        ├── clerk-*.md          # Clerk integration rules
        ├── db-*.md             # Database security rules
        ├── auth-*.md           # Authentication rules
        ├── api-*.md            # API security rules
        ├── storage-*.md        # Storage rules
        ├── realtime-*.md       # Realtime rules
        ├── edge-*.md           # Edge Functions rules
        ├── test-*.md           # Testing rules
        └── security-*.md       # Security rules

License

MIT

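Five-dimension analysis

  • Clarity: 9/10
  • Innovation: 7/10
  • Practicality: 9/10
  • Completeness: 8/10
  • Maintainability: 8/10

Pros and cons

Pros

  • Comprehensive guidelines covering multiple categories.
  • Integrates with Clerk to strengthen security.
  • Performance benchmarks for Row Level Security.
  • Supports multiple coding platforms.

Cons

  • May require familiarity with Supabase.
  • The complexity may confuse beginners.
  • Limited to Supabase and Clerk integration.
  • Performance benchmarks may vary by use case.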


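Disclaimer: This content comes from an open-source GitHub project and is presented for display and rating analysis only.

Copyright belongs to the original author, pedrobarretocw.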