supabase-dev

Name: supabase-dev
Author: dam2onkid

by @dam2onkid in Development

# Install this skill:

npx skills add dam2onkid/solo-dev-skills --skill "supabase-dev"

Install specific skill from multi-skill repository

# Description

Build applications with Supabase backend-as-a-service. Use when implementing authentication (email/password, OAuth, magic links, phone OTP), database operations with Row Level Security (RLS), file storage (upload, download, signed URLs), realtime subscriptions (Postgres changes, broadcast, presence), or Edge Functions. Covers client initialization, security policies, and common patterns for React, Next.js, React Native, and Node.js applications.

# SKILL.md

name: supabase-dev
description: Build applications with Supabase backend-as-a-service. Use when implementing authentication (email/password, OAuth, magic links, phone OTP), database operations with Row Level Security (RLS), file storage (upload, download, signed URLs), realtime subscriptions (Postgres changes, broadcast, presence), or Edge Functions. Covers client initialization, security policies, and common patterns for React, Next.js, React Native, and Node.js applications.

Supabase Dev

Open-source Firebase alternative providing Postgres database, authentication, storage, realtime, and edge functions.

Client Initialization

import { createClient } from "@supabase/supabase-js";

const supabase = createClient(
  process.env.SUPABASE_URL!,
  process.env.SUPABASE_ANON_KEY!
);

Server-side (with service role):

const supabaseAdmin = createClient(
  process.env.SUPABASE_URL!,
  process.env.SUPABASE_SERVICE_ROLE_KEY!
);

Core Features

Authentication

Email/password, magic links, phone OTP
OAuth providers (Google, GitHub, Discord, etc.)
Session management with JWT
Reference: references/authentication.md

Database

Full Postgres with auto-generated REST API
Row Level Security (RLS) for authorization
Realtime subscriptions on table changes
Reference: references/database.md
Performance: references/performance.md

Storage

File uploads with access control
Signed URLs for private files
Image transformations
Reference: references/storage.md

Realtime

Postgres Changes (INSERT/UPDATE/DELETE)
Broadcast (pub/sub messaging)
Presence (online status)
Reference: references/realtime.md

Edge Functions

Deno-based serverless functions
Deploy via Supabase CLI
Reference: references/edge-functions.md

CLI

Local development, migrations, type generation
Reference: references/cli.md

Environment Variables

Required in .env:

SUPABASE_URL=https://your-project.supabase.co
SUPABASE_ANON_KEY=your-anon-key
SUPABASE_SERVICE_ROLE_KEY=your-service-role-key  # Server-side only

Common Patterns

Protected Routes (React)

const {
  data: { session },
} = await supabase.auth.getSession();
if (!session) redirect("/login");

Server Components (Next.js)

import { createServerClient } from "@supabase/ssr";
import { cookies } from "next/headers";

const supabase = createServerClient(
  process.env.SUPABASE_URL!,
  process.env.SUPABASE_ANON_KEY!,
  { cookies: { getAll: () => cookies().getAll() } }
);

Error Handling

const { data, error } = await supabase.from("table").select();
if (error) throw new Error(error.message);

Security Best Practices

Always enable RLS on tables
Use auth.uid() in policies for user-specific access
Never expose service role key to client
Validate inputs before database operations
Use prepared statements (built into client)

# Supported AI Coding Agents

This skill is compatible with the SKILL.md standard and works with all major AI coding agents:

⚡ Amp 🚀 Antigravity 🤖 Claude Code 🦀 Clawdbot 📝 Codex ▶️ Cursor 🤖 Droid 💎 Gemini CLI 🐙 GitHub Copilot 🪿 Goose 📊 Kilo Code 🔧 Kiro CLI 💻 OpenCode 🦘 Roo Code 🌲 Trae 🏄 Windsurf

Learn more about the SKILL.md standard and how to use these skills with your preferred AI coding agent.