Supabase Audit Realtime

The supabase-audit-realtime skill enables AI agents to continuously monitor Supabase database activity in real-time, identifying unauthorized access or suspicious patterns as they occur. It leverages Supabase's built-in audit logs to provide immediate visibility into data changes and user actions within the infrastructure.

When to use it

• Detecting potential security breaches or unauthorized data modifications instantly during active development cycles.
• Monitoring compliance requirements by tracking who accessed sensitive records and when those accesses occurred.
• Investigating anomalous behavior, such as bulk data exports or privilege escalation attempts, without manual log review.
• Validating that role-based access controls (RBAC) are functioning correctly across different user sessions.

Key capabilities

• Real-time ingestion of Supabase audit logs via WebSockets.
• Filtering events by specific tables, users, or action types (e.g., INSERT, UPDATE, DELETE).
• Alerting mechanisms triggered when predefined risk thresholds are exceeded.
• Integration with existing security dashboards for centralized threat monitoring.

Example prompts

• "Set up real-time alerts for any DELETE operations on the 'users' table from IP addresses outside our known range."
• "Analyze the last hour of audit logs to identify all users who accessed the 'payments' collection and flag those with admin privileges."
• "Create a live dashboard showing active sessions and their associated database query frequencies for the past 30 minutes."

Tips & gotchas

Ensure your Supabase project has audit logging enabled in the dashboard settings before deploying this skill, as it relies on existing log streams. Be mindful of high-frequency event volumes, which could overwhelm downstream alerting systems if not properly throttled or aggregated.