Supabase Dashboard Builder

WarnAudited by ClawScan on May 10, 2026.

Overview

The skill is coherent for building Supabase dashboards, but its example uses a high-privilege Supabase service key behind broad, apparently unauthenticated API endpoints that could expose sensitive tables or prompt/embedding data if copied as-is.

Only use this as a starting template if you add real admin authentication, restrict CORS, declare and protect the Supabase service key, and replace `select=*` with explicit safe column allowlists before deployment.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

High

#ASI03: Identity and Privilege Abuse

What this means

If deployed as written, anyone who can reach the dashboard API may be able to read service-key-backed Supabase data from the allowed tables.

Why it was flagged

The template instructs using a high-privilege Supabase service key for a network API endpoint, but does not show authentication, authorization, or least-privilege controls for callers.

Skill content

SUPABASE_KEY = os.environ["SUPABASE_SERVICE_KEY"]
HEADERS = {"apikey": SUPABASE_KEY, "Authorization": f"Bearer {SUPABASE_KEY}"}

@app.get("/api/mc/{table}")

Recommendation

Require user authentication and authorization before proxying Supabase data, prefer least-privilege/read-only access where possible, rely on RLS where appropriate, and declare the required Supabase credential clearly in metadata.

Medium

#ASI06: Memory and Context Poisoning

What this means

Sensitive operational knowledge, prompts, or embedded content could be exposed through the dashboard API if the default all-column select is used.

Why it was flagged

The proxy allows the knowledge_vault table and defaults to selecting all columns, which can include sensitive stored knowledge, prompts, or embeddings.

Skill content

allowed = {"ai_agents", "skills", "knowledge_vault", "tools", "workflows"}
...
async def get_table(table: str, select: str = "*", limit: int = 100, offset: int = 0)

Recommendation

Use explicit safe column allowlists per table, avoid default `select=*`, exclude prompt/embedding/secret fields unless specifically authorized, and add auditing for access to knowledge-vault data.

Medium

#ASI02: Tool Misuse and Exploitation

What this means

A deployed dashboard could be accessed cross-origin more broadly than intended, increasing the chance that privileged Supabase-backed data is exposed.

Why it was flagged

The suggested wildcard CORS configuration is broad for a service-key-backed admin API and could make accidental exposure easier if used outside local development.

Skill content

app.add_middleware(CORSMiddleware, allow_origins=["*"], allow_methods=["*"], allow_headers=["*"])

Recommendation

Limit CORS to trusted dashboard origins, keep wildcard CORS only for local development if needed, and combine it with authentication and authorization.