supabase-win

Pass

Audited by ClawScan on May 10, 2026.

Overview

The skill appears to do what it says—run read-only Supabase REST queries—but it uses a local Supabase anon key and can return database rows allowed by that key.

Install only if you are comfortable letting the agent run read-only queries against your Supabase project. Use the anon key, not a service-role key, enforce RLS, manually create references/.env if needed, and verify the credential file is excluded from version control.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent can return rows from Supabase tables or views exposed to the anon key, which may include sensitive data if RLS policies allow it.

Why it was flagged

The script lets the caller choose the Supabase table/path and sends a read-only GET request. This matches the stated query purpose, but it can retrieve data permitted by the configured key.

Skill content

base_url = f"https://{project_id}.supabase.co/rest/v1/{table}" ... req = urllib.request.Request(url, headers=headers, method="GET")

Recommendation

Use strict Supabase RLS policies, query only intended tables, and consider explicit user confirmation before inspecting private data.

What this means

Anyone or any agent using this skill with the configured .env file can read whatever the Supabase anon key is allowed to read.

Why it was flagged

The skill reads a local Supabase anon key and uses it as API/Bearer authorization. This is expected for Supabase access and is disclosed, but it is still delegated database access.

Skill content

ENV_FILE = SKILL_DIR / "references" / ".env" ... "Authorization": f"Bearer {anon_key}"

Recommendation

Store only the Supabase anon/public key, never a service-role key; keep references/.env private and rotate the key if it is exposed.

What this means

Setup may fail or require manual configuration, but this does not show hidden execution or malicious behavior.

Why it was flagged

The supplied manifest does not include references/.env.example or scripts/query.bat, so the setup instructions reference files that are not present.

Skill content

Copy `references/.env.example` to `references/.env` ... Or on Windows: `scripts\query.bat users --select "*" --limit 10`

Recommendation

Create references/.env manually from the documented variables, use scripts/query.py directly, and ask the maintainer to include or remove the missing referenced files.

What this means

A user might assume the credential file cannot be committed to version control when that protection is not shown here.

Why it was flagged

No .gitignore file is present in the supplied file manifest, so this safety statement is not backed by the provided artifacts.

Skill content

- The `.env` file is gitignored by default

Recommendation

Verify or add a .gitignore entry for references/.env before placing this skill directory in any version-controlled workspace.