Skill Data & Analytics →

Supabase Operations

Direct Supabase Postgres operations via `mcp__postgres__*` RLS policy audit, migration…

Run raw Postgres operations directly against your Supabase projects through the postgres MCP layer: RLS policy audits, migration validation, user and order spot checks, and slow-query diagnosis. Instead of guessing whether a record is lost, deleted, or just hidden, you get a verified answer in seconds with a single SELECT. It is the complement to the Supabase MCP for everything that needs raw SQL and direct evidence.

$15 one-time
Add to a kit →

Prices include 20% VAT. · Forged on real agency work · one-time, no lock-in

  • Type Skill
  • Category Data & Analytics
  • Delivery Email · instant
  • License One-time
Run preview
forgehouse, supabase-operations

Inside the run · no black box

See the actual work before you buy it.

The operational checks the skill runs directly against Supabase Postgres, every claim backed by a real query, never a dashboard guess:

  1. RLS audit first: list every public table where row security is off or no policy exists. An RLS-enabled table with zero policies is a total lockout, a disabled one is a data leak; both get flagged before anything else.
  2. After any migration apply, verify instead of trusting exit 0: count affected rows against the expected number, then check columns, constraints and indexes in information_schema, because a wrong WHERE clause can apply to zero rows and still report success.
  3. On a user incident, spot-check auth.users directly, including the GoTrue token columns (a NULL email_change_token_new throws a 500), then cross-check the profiles row and the user's recent orders.
  4. When someone reports lost data, query without the deleted_at filter first: soft delete (restorable) and hard delete (gone) are different answers, and the difference is settled by one SELECT, not by debate.
  5. On slowness complaints, run EXPLAIN (ANALYZE, BUFFERS) on the suspect query and inspect pg_stat_activity for connection pool saturation and anything running past 30 seconds.
  6. Detect schema drift with supabase db diff or an information_schema snapshot, and write the drift back into a migration. The live database is never accepted as the source of truth; migrations are.
Use cases · what happens when you plug it in

One power source. 6 lines out.

supabase-operations · core

core active · 6 lines

  1. Auditing whether every public table has RLS enabled with at least one policy

    ✓ auditing whether every p…

  2. Validating row counts and schema right after a migration applies

    ✓ validating row counts and

  3. Spot-checking a user from a Sentry error stack trace down to the DB row

    ✓ spot-checking a user from

  4. Distinguishing soft-delete from hard-delete when a customer says 'my data vanished'

    ✓ distinguishing soft-dele…

  5. Diagnosing a slow page with EXPLAIN ANALYZE and connection-pool inspection

    ✓ diagnosing a slow page w…

  6. Detecting schema drift between the live DB and your committed migrations

    ✓ detecting schema drift b…
Benefits · what you walk away with

Yours to keep.

Drag time forward. Watch what stays.

Forever

That's what owning means.

The rented stack

ai writing tool: subscription

expired · access lost

analytics suite: subscription

expired · access lost

design platform: subscription

expired · access lost

(nothing left)

Your forge

  1. Replace 'I think the data is gone' panic with a verified yes/no in seconds

    license: perpetual

  2. Catch a wide-open table before it becomes a data leak

    license: perpetual

  3. Confirm migrations actually touched the rows you expected: not zero

    license: perpetual

  4. Spot connection-pool saturation behind a 'site is slow' complaint

    license: perpetual

subscriptions expire · deeds don't

What's included · the full manifest

Everything in the box.

Pick a piece up. Watch it work.

Seven ready-to-run workflows: RLS audit, migration validation, user spot check, soft/hard delete, slow query, orphan records, connection pool

part 01 of 06 · in the box

6 parts · one working system · ships instantly by email

From the field · a real case

This wasn’t written at a desk.

The problem

The fix

The result

Who it's for

This wasn't forged for everyone.

  • Not for you if you'd rather rent a tool than own one.
  • Not for you if you want someone else to run your stack.
  • Not for you if you're happy guessing.
Still here? Good.

Teams running Supabase Postgres in production who need fast, evidence-backed operational answers instead of dashboard guesses.

then this was forged for you.

Works with

Universal by design: these run in any AI. Delivered in the open Agent Skills + MCP format (native in Claude); ChatGPT, Gemini, Cursor and Copilot adapt the same files their own way.

  • Claude Native format
  • ChatGPT Adapts via open standards
  • Gemini Adapts via open standards
  • Cursor Adapts via open standards
  • Copilot Adapts via open standards
Questions · still in the air

Catch what's on your mind.

the air is clear. nothing between you and the forge.
catch a spark: the forge will answer

  1. I already use the Supabase dashboard daily. When would I reach for this instead?

    When the question needs proof, not a guess: did that migration actually touch rows or zero, is the customer's 'vanished' record soft-deleted or hard-deleted, is the connection pool saturated behind a slow-site complaint. The dashboard summarizes; these workflows answer with a verified SELECT in seconds.

  2. What does it concretely run against my database?

    Seven ready workflows built on copy-paste SQL over pg_tables, pg_policies, information_schema, and pg_stat_activity: RLS audit, migration validation, user spot checks, soft vs hard delete, slow query, orphan records, and connection pool. There is also a GoTrue auth.users NULL-token check that prevents a classic 500 error.

  3. Will it design my schema or write my migrations?

    No. This is operational diagnosis on a live database, reading state and producing evidence. Schema design, indexing strategy, and migration discipline live in the supabase-postgres-best-practices package; this one tells you what is true right now, not what to build.

  4. How is it delivered?

    By email right after purchase: ready to run, downloaded instantly, no setup wait.

  5. One-time or subscription?

    A one-time purchase; no subscription or hidden fees. VAT (20%) is included.

  6. Can I get a refund?

    As a digital product, it can’t be refunded once downloaded. That’s why we show exactly what’s inside and who it’s for, right here.

Related products

All skills →
Data & Analytics Skill

Airflow DAG Patterns

Build production Apache Airflow DAGs with best practices for operators, sensors, testing, and…

$15
Inspect →
Data & Analytics Skill

Data

Analytics and data query patterns for metrics, dashboards, reports, KPIs, and funnel analysis

$15
Inspect →