    Supabase RLS Doctor

    by JustHandled Labs

    Audit your Supabase project for the row-level-security mistakes that quietly expose data: tables without RLS, policies that resolve to true, leaked service-role keys, missing auth.uid() checks, open storage buckets, overbroad grants, and migration drift. A local, read-only scan plus a full review checklist, each finding with severity, evidence, and a fix. No database changes without confirmation.

    Updated Jun 2026
    Security scanned
    Works with Claude Code

    $19 (or 95 credits)

    30-day refund guarantee

    Secure checkout via Stripe

    Included in download

    • Identify tables with missing or disabled Row Level Security (RLS)
    • Detect leaked service role keys in frontend application code
    • Terminal and file-read automation included
    • Works with Claude Code
    • Instant install

    Sample input

    Audit my Supabase migrations and check if any of my tables are accidentally exposed to public users without proper RLS.

    Sample output

    Confirmed Findings

    • Severity: CRITICAL
    • Issue: RLS not enabled on profiles table.
    • Evidence: migrations/01_init.sql line 42.
    • Impact: Any user can read/write all profile data.
    • Fix: ALTER TABLE profiles ENABLE ROW LEVEL SECURITY;
    • Verification: Run scan_rls tool.

    About This Skill

    Deep Security Audits for Supabase Projects

    The Supabase RLS Doctor is a specialized security skill designed to identify critical data exposure risks in your Supabase infrastructure. It moves beyond basic linting by performing an evidence-first audit of your Row Level Security (RLS) policies, storage rules, and client-side initialization logic.

    What it does

    • Identifies public table exposure and unsafe 'anonymous' access policies.
    • Detects service role key leakage and frontend/backend boundary mistakes.
    • Audits Supabase Storage bucket rules for unauthorized file access.
    • Flags missing auth.uid() constraints and overbroad SQL grants.
    • Analyzes migration drift and tenant ownership rules for multi-tenant apps.

    Why use this skill

    Unlike generic AI prompts, this skill uses a structured, multi-step workflow. It leverages internal heuristic scanners and a comprehensive audit checklist to ensure no stone is left unturned. It doesn't just guess; it ranks findings by severity (Critical to Info), cites exact lines of code as evidence, and provides copy-pasteable remediation snippets that are safe to apply.

    Supported Inputs

    • SQL Migrations and Policy files
    • Supabase Client initialization code
    • Database schema snapshots
    • Storage policy configurations

    Use Cases

    • Identify tables with missing or disabled Row Level Security (RLS)
    • Detect leaked service role keys in frontend application code
    • Audit Supabase Storage buckets for insecure public access rules
    • Generate safe SQL remediation scripts for high-risk policy flaws
    • Verify auth.uid() constraints are correctly implemented for multi-tenancy


    Security Scanned

    Passed automated security review

    Permissions

    Terminal / Shell
    Read Files

    File Scopes

    supabase-rls-doctor/**
    *.sql
    supabase/migrations/*

    Read-only inspection first. The bundled scanner reads matching files and prints markdown or JSON findings. It installs nothing, transmits nothing, and modifies nothing. Any write, install, deploy, payment, delete, reset, live-account action, or external network lookup requires explicit user confirmation.

    Works with Claude Code, Codex CLI, Cursor, OpenCode/OpenClaw, Gemini CLI, and other agents that load SKILL.md folders. The bundled scanner uses the Python 3 standard library only and degrades to manual checklist mode when Python or matching project files are unavailable.
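    The checks named above (tables without RLS, policies that resolve to true, missing auth.uid() constraints), as a small line-based migration scanner that emits findings in the same severity/evidence/fix shape as the sample output. This is an added illustration, not the product's bundled scanner; the migration text is constructed, and the scanner assumes one SQL statement per line.

```python
import re

# Constructed sample migration (not from the product); one statement per line.
SAMPLE_MIGRATION = """\
create table profiles (id uuid primary key, user_id uuid, bio text);
create table orders (id uuid primary key, user_id uuid, status text);
alter table orders enable row level security;
create policy "orders_all" on orders for select using (true);
create policy "orders_own" on orders for update using (auth.uid() = user_id);
create policy "orders_insert" on orders for insert with check (status = 'new');
"""

IDENT = r'(?:public\.)?"?(\w+)"?'
TABLE_RE = re.compile(r"create\s+table\s+(?:if\s+not\s+exists\s+)?" + IDENT, re.I)
RLS_RE = re.compile(r"alter\s+table\s+(?:only\s+)?" + IDENT + r"\s+enable\s+row\s+level\s+security", re.I)
POLICY_RE = re.compile(r'create\s+policy\s+"?([^"\s]+)"?\s+on\s+' + IDENT + r"(.*)", re.I)
TRUE_CLAUSE_RE = re.compile(r"(?:using|with\s+check)\s*\(\s*true\s*\)", re.I)
RANK = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2}


def _finding(severity, issue, path, lineno, fix):
    return {"severity": severity, "issue": issue, "line": lineno,
            "evidence": f"{path} line {lineno}", "fix": fix}


def scan_migration(sql, path="migration.sql"):
    """Return findings sorted by severity, then line. Assumes one statement per line;
    multi-line statements are not parsed (a limitation of this illustration)."""
    tables, rls_enabled, findings = {}, set(), []   # table -> creating line
    for lineno, line in enumerate(sql.splitlines(), 1):
        if m := TABLE_RE.search(line):
            tables[m.group(1).lower()] = lineno
        elif m := RLS_RE.search(line):
            rls_enabled.add(m.group(1).lower())
        elif m := POLICY_RE.search(line):
            name, table, clause = m.groups()
            if TRUE_CLAUSE_RE.search(clause):
                # USING (true) / WITH CHECK (true) grants the targeted role every row
                findings.append(_finding("HIGH", f"Policy {name} on {table} resolves to true.", path, lineno,
                                         "Replace the bare true predicate with an ownership check such as auth.uid() = user_id."))
            elif "auth.uid()" not in clause:
                # Not always a defect (role-based policies exist), so ranked for review
                findings.append(_finding("MEDIUM", f"Policy {name} on {table} has no auth.uid() check.", path, lineno,
                                         "Confirm the predicate ties rows to the caller, or add an auth.uid() constraint."))
    for table, lineno in tables.items():
        if table not in rls_enabled:   # policies never apply until RLS is enabled
            findings.append(_finding("CRITICAL", f"RLS not enabled on {table} table.", path, lineno,
                                     f"ALTER TABLE {table} ENABLE ROW LEVEL SECURITY;"))
    return sorted(findings, key=lambda f: (RANK[f["severity"]], f["line"]))


if __name__ == "__main__":
    for f in scan_migration(SAMPLE_MIGRATION, "migrations/01_init.sql"):
        print(f"[{f['severity']}] {f['issue']} ({f['evidence']}) -> {f['fix']}")
```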

    Creator

    JustHandled Labs creates focused agent skills and workflow packs for Claude, Codex, Cursor, and AI-assisted builders. Each tool is designed around a real repeatable task: cleaner commits, better PRs, stronger handoffs, safer repo hygiene, clearer documentation, and less copy-paste chaos. The goal is not generic AI productivity. The goal is specific workflows that are easier to run, review, and repeat. Maintained by H.J. Westerfield, with a background in communications, editing, project coordination, customer support, and practical AI systems. JustHandled Labs builds tools for people who want useful automation without theatrical complexity.
