Skill

supabase-known-pitfalls

Execute identify and avoid Supabase anti-patterns and common integration mistakes. Use when reviewing Supabase code for issues, onboarding new developers, or auditing existing Supabase integrations for best practices violations. Trigger with phrases like "supabase mistakes", "supabase anti-patterns", "supabase pitfalls", "supabase what not to do", "supabase code review".

From supabase-pack

Install

Run in your terminal

npx claudepluginhub nickloveinvesting/nick-love-plugins --plugin supabase-pack

Tool Access

This skill is limited to using the following tools:

ReadGrep

Supporting Assets

View in Repository

references/errors.md

references/examples.md

Skill Content

Similar Skills

cache-components

Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.

cache-components

138.6k

claude-opus-4-5-migration

2 files

Migrates code, prompts, and API calls from Claude Sonnet 4.0/4.5 or Opus 4.1 to Opus 4.5, updating model strings on Anthropic, AWS, GCP, Azure platforms.

claude-opus-4-5-migration

83.2k

evaluation-methodology

1 file

Details PluginEval's skill quality evaluation: 3 layers (static, LLM judge), 10 dimensions, rubrics, formulas, anti-patterns, badges. Use to interpret scores, improve triggering, calibrate thresholds.

plugin-eval

32.9k

Stats

Parent Repo Stars0

Parent Repo Forks0

Last CommitMar 20, 2026

Actions

View Source View Plugin View on GitHub View README

Supabase Known Pitfalls

Prerequisites

Access to Supabase codebase for review
Understanding of async/await patterns
Knowledge of security best practices
Familiarity with rate limiting concepts

Instructions

Supabase anti-patterns typically cluster into three risk categories: security risks (exposing service role keys, missing RLS policies, over-privileged anon access), performance risks (N+1 queries, missing indexes, fetching more columns than needed), and reliability risks (no retry logic, synchronous auth checks in every request, missing error handling). Addressing security issues first prevents data exposure, while performance fixes have the greatest impact on user experience.

Step 1: Review for Anti-Patterns

Scan the codebase for each pitfall pattern listed in the references. Use grep or a code search tool to find all locations where Supabase client calls are made. Look specifically for service role key usage in client-side code, missing .select() column lists that fetch entire rows, and await chains that make multiple sequential queries where a single join would suffice.

Step 2: Prioritize Fixes

Address security issues first: any client-side exposure of the service role key or missing RLS policies on tables containing user data are critical. Then tackle performance issues that affect P95 latency. Finally, address reliability gaps like missing error handling.

Step 3: Implement Better Approach

Replace anti-patterns with recommended patterns. Document the change in a PR description so reviewers understand why the old approach was problematic.

Step 4: Add Prevention

Set up linting and CI checks to prevent recurrence. Add ESLint rules that flag service key usage in frontend bundles and require .select() calls to specify columns explicitly.

Output

Anti-patterns identified with severity classification
Security, performance, and reliability fixes implemented
ESLint and CI prevention measures active
Code quality measurably improved with documented rationale

Error Handling

See ${CLAUDE_SKILL_DIR}/references/errors.md for comprehensive error handling.

Examples

See ${CLAUDE_SKILL_DIR}/references/examples.md for detailed examples.

Resources

Overview

Execute identify and avoid Supabase anti-patterns and common integration mistakes.