Does this skill cover server-side administrative access?

Yes, it provides implementation patterns for using the Supabase Service Role Key in server-side environments to bypass RLS securely for background tasks and administrative operations.

How do I enable RLS using this skill?

The skill provides standardized SQL commands such as 'ALTER TABLE table_name ENABLE ROW LEVEL SECURITY;' to ensure your database tables are protected by default before applying specific policies.

How do I test my RLS policies safely?

The skill provides SQL snippets to simulate specific user JWT claims using 'SET request.jwt.claim.sub', allowing you to verify access control directly in your SQL editor without needing a frontend.

Can this skill help with multi-tenant SaaS applications?

Yes, it includes specialized patterns for team-based access, allowing you to restrict data visibility to specific team members using subqueries and join logic.

Supabase Row Level Security

Name: Supabase Row Level Security
Author: dvorkinguy

bydvorkinguy

0•

Database Management

Streamlines the creation, implementation, and testing of Supabase Row Level Security policies to ensure robust data isolation.

This skill empowers developers to implement secure, production-grade Row Level Security (RLS) within their Supabase projects by providing standardized templates for user-specific data, multi-tenant architectures, and role-based access control. It offers guidance on enabling RLS on tables, crafting granular SQL policies for CRUD operations, and safe patterns for bypassing RLS in server-side contexts using service role keys, while including a comprehensive security checklist to prevent common vulnerabilities and data leaks.

Key Features

01Multi-tenant and team-based access patterns using subqueries

02Standardized templates for user-owned data policies across all CRUD operations

03Role-based access control (RBAC) implementation for administrative overrides

04Best practices for server-side service role bypass in environments like Next.js

05Security testing scripts for JWT claim simulation and policy verification

060 GitHub stars

Use Cases

01Hardening Supabase databases against unauthorized access through granular security policies

02Implementing strict multi-tenant data isolation for SaaS applications

03Developing complex role-based access systems for enterprise team management

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add dvorkinguy/claude-skills-agents supabase-rls

For use in Claude.ai and ChatGPT

Download Skill