Supabase ⚡
Verdict: Suspicious. Audited by ClawScan on May 10, 2026.
Overview
This is mostly a Supabase reporting tool, but it asks for a full-admin Supabase key and the included script contains an under-documented raw SQL path that could change data despite read-only claims.
Review the code and documentation before installing. Only use this with a Supabase key you are comfortable exposing to a local chat-driven tool, prefer a least-privilege read-only setup, and disable or remove the raw SQL/RPC path unless you explicitly need it.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may believe the skill only reads analytics, but a raw SQL path could perform high-impact database actions if invoked with a privileged key and an exec_sql RPC exists.
The script contains a helper that sends arbitrary SQL to a Supabase RPC endpoint using the configured key. The visible code does not restrict the SQL to read-only statements, so if this path is exposed it could modify or delete database data.
def run_query(sql: str): ... requests.post(f"{url}/rest/v1/rpc/exec_sql", headers=headers, json={"query": sql}, timeout=30)
Remove or disable arbitrary SQL execution, or enforce read-only queries and explicit user confirmation before any SQL RPC call.
The documentation could cause a user to grant a full-admin key under the impression that the skill has only read-only behavior.
These safety claims are not fully aligned with the included script, which defines a POST-based exec_sql helper capable of submitting arbitrary SQL.
**What this skill does:**
- Makes GET requests to your Supabase project's Auth Admin API ...
**What this skill does NOT do:**
- Does not write, modify, or delete any data
Update the documentation to accurately disclose every write-capable or SQL-execution path, or remove those paths from the code.
Anyone or anything holding this key has powerful access to the Supabase project, and the skill can read user details such as names and emails.
The skill clearly discloses that it needs a Supabase service_role key, which is a highly privileged credential, to list and count users.
The `service_role` key has **full admin access** to your database. This skill requires it for the Auth Admin API (listing/counting users).
Use a least-privilege read-only role if possible, keep the key out of shared logs or chats, and rotate it if it may have been exposed.
Scheduled reports may repeatedly surface user names and emails after setup, which can be useful but should be intentionally managed.
The documentation describes a user-directed recurring job that can continue querying and reporting Supabase user information on a schedule.
Set up automated daily user reports via Clawdbot cron.
Only create cron reports when needed, limit reported fields, and periodically review or remove scheduled jobs.
