← Back to Skills

Supabase Detect

🌐Community
by yoanbernabeu · vlatest · Repository

Identifies potential SQL injection vulnerabilities and insecure configurations within your Supabase project.

Install on your platform

We auto-selected Claude Code based on this skill’s supported platforms.

1

Run in terminal (recommended)

terminal
claude mcp add supabase-detect npx -- -y @trustedskills/supabase-detect
2

Or manually add to ~/.claude/settings.json

~/.claude/settings.json
{
  "mcpServers": {
    "supabase-detect": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/supabase-detect"
      ]
    }
  }
}

Requires Claude Code (claude CLI). Run claude --version to verify your install.

About This Skill

What it does

This skill enables AI agents to interact with Supabase databases, specifically allowing them to detect and analyze database structures within a Supabase project. It facilitates automated reconnaissance by querying schema details and identifying potential security configurations.

When to use it

  • Performing initial reconnaissance on a target Supabase instance to map out available tables and relationships.
  • Validating whether specific security policies or row-level permissions are correctly configured before penetration testing.
  • Automating the discovery of sensitive data types stored within database columns during an audit.
  • Integrating into a broader pentest workflow to gather context about the backend architecture.

Key capabilities

  • Querying Supabase project metadata to retrieve schema information.
  • Identifying table names, column definitions, and data types programmatically.
  • Analyzing the overall structure of the database for security assessment purposes.

Example prompts

  • "Use supabase-detect to list all tables in the target Supabase project and their associated columns."
  • "Run a detection scan on the provided Supabase instance to identify any publicly accessible tables."
  • "Analyze the schema of the 'users' table in the connected Supabase database to check for sensitive fields."

Tips & gotchas

Ensure you have valid authentication credentials (API keys or service roles) configured in your agent environment before attempting to connect to a Supabase instance. This skill is designed for authorized security assessments; unauthorized access attempts violate ethical guidelines and legal policies.

View Repository →

Tags

🛡️

TrustedSkills Verification

Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates — what you install today is exactly what was reviewed and verified.

Security Audits

Gen Agent Trust HubPass
SocketPass
SnykPass

Details

Version
vlatest
License
Author
yoanbernabeu
Installs
75
Repository (canonical source) →

🌐 Community

Passed automated security scans.