Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From supabase
Runs SQL queries, schema changes, RLS policies, and storage operations against a Supabase project via its Management API. Useful for DB CRUD, migrations, and admin-level data tasks.
npx claudepluginhub jawwadfirdousi/agent-skills --plugin supabaseHow this skill is triggered — by the user, by Claude, or both
Slash command
/supabase:supabaseThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Run SQL against a Supabase project through the management API: querying data,
Manages Supabase Postgres databases via CLI: migrations, Edge Functions deployment, local development setup, and project debugging.
Configures Supabase for dev, staging, and production with separate projects, env-specific secrets, shared migrations, and safe promotion via db push.
Guides Supabase CLI for local dev setup, DB migrations/diffs/resets, edge functions serve/deploy, secrets, and TypeScript code gen.
Share bugs, ideas, or general feedback.
Run SQL against a Supabase project through the management API: querying data, schema changes (DDL), policies (RLS), storage metadata, and migrations. SQL runs with management API privileges, so treat it as admin-level database access.
Everything goes through one script, scripts/supabase.sh, with three commands:
env — manage connection environments (stored in environments.json)sql — run a SQL stringsql-file — run SQL from a fileEach environment is a named entry in environments.json (gitignored, chmod 600)
holding a url and an optional access_token. Manage them with the env
subcommands:
# List configured envs (tokens masked)
scripts/supabase.sh env list
# Add an env (--url required; --access-token and --description optional)
scripts/supabase.sh env add dev --url https://<dev-ref>.supabase.co --access-token sbp_...
scripts/supabase.sh env add prod --url https://<prod-ref>.supabase.co --description "Production"
# Update one or more fields on an existing env
scripts/supabase.sh env update dev --url https://<new-ref>.supabase.co --access-token sbp_...
# Inspect one env: human (default), json, or shell export
scripts/supabase.sh env get dev
scripts/supabase.sh env get dev --format json
scripts/supabase.sh env get dev --format export
# Remove an env (refused if it is the only one)
scripts/supabase.sh env remove prod
# Verify at least one env is configured (non-zero exit otherwise)
scripts/supabase.sh env check
Rules the script enforces:
env add requires --url; the env name must be unique.env remove is refused on the last remaining env.SUPABASE_ACCESS_TOKEN is used instead.environments.json is read from the skill root, or
~/.config/claude/supabase-environments.json if that is where it already exists.If the script reports no environments configured or SUPABASE_URL not set, the
user has not finished setup: run env add to create the first env, or point them
at the README.
Pick the environment per command with --env <name>. Resolution order:
1) --env <name> set -> use that env from environments.json
2) SUPABASE_URL + TOKEN exported -> use those exported values
3) exactly one env configured -> use it (--env optional)
4) multiple envs, none named -> error: pass --env <name>
When the user names an environment ("in prod", "on dev"), pass --env <name>. If
multiple envs exist and the user did not name one, ask which to use before running.
# Run a SQL string
scripts/supabase.sh sql --env dev "SELECT * FROM users LIMIT 5"
scripts/supabase.sh sql --env prod "SELECT count(*) FROM users"
scripts/supabase.sh sql --env dev "INSERT INTO users (name, email) VALUES ('Alice', 'alice@test.com')"
# Run SQL from a file (prefer for long or multi-statement SQL)
scripts/supabase.sh sql-file --env dev ./migrations/001_init.sql
\"items_read_own\").sql sends the whole string as one query, so multiple ;-separated statements
run together.$ — dollar-quoted function/trigger bodies ($$ … $$) or
positional params ($1) — must go through sql-file. In a double-quoted sql
argument the shell expands $$ (to its PID) and $1, corrupting the statement.
File contents are sent literally, so sql-file is safe.Output is the raw management API JSON, piped through jq:
SELECT).message field, e.g.
{"message": "syntax error at or near ..."}. Detect failure by checking for a
lone message key — the HTTP call (and exit code) usually still succeeds even
when the SQL is rejected.These commands run with management API (admin) privileges, so a bad statement can drop data or break a live project. Before running:
DROP, TRUNCATE, and any
DELETE/UPDATE without a WHERE clause — especially against a production env.--env <name>) before running; do
not let a write fall back to an auto-selected env.SELECT ... LIMIT to inspect data and
schema before mutating it.BEGIN; ... COMMIT; (via
sql-file) so a mid-way failure rolls back. Note CREATE INDEX CONCURRENTLY
cannot run inside a transaction — run it as a standalone statement.CREATE TABLE IF NOT EXISTS,
CREATE OR REPLACE, ADD COLUMN IF NOT EXISTS, and DROP ... IF EXISTS.For ready-made examples covering DDL, indexes, enum types, views, functions/RPC, triggers, RLS, data patterns (upsert, JSONB), pgvector similarity search, storage, and schema introspection, see references/sql-cookbook.md.