Skills
.Work. You
Rest

supabase-audit-rpc

Community

Audit RPC functions for RLS risks and injections.

Software Engineering#authorization#postgresql#rls#injection#supabase#security-testing#rpc audit
Authoryoanbernabeu
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill helps security engineers identify vulnerabilities in Supabase PostgreSQL RPC functions, including potential RLS bypass, insecure definer rights, and unsafe dynamic behavior that could expose data.

Core Features & Use Cases

  • RPC discovery: Enumerate exposed PostgreSQL RPC functions and evaluate their security posture.
  • RLS and auth testing: Verify that RPC calls respect Row Level Security and authenticated access controls.
  • Risk assessment: Detect insecure patterns such as SECURITY DEFINER usage without proper checks or unsafe dynamic queries.
  • Use Case: Run a full RPC audit against a Supabase project to surface critical vulnerabilities and guide remediation.

Quick Start

Run an RPC security audit against your Supabase project by invoking the audit flow on the target project's REST endpoint and reviewing the findings in the generated context and evidence files.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: supabase-audit-rpc
Download link: https://github.com/yoanbernabeu/supabase-pentest-skills/archive/main.zip#supabase-audit-rpc

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.