Loading...
Loading...
Found 54 Skills
Test Row Level Security (RLS) policies for common bypass vulnerabilities and misconfigurations.
Analyze Supabase authentication configuration for security weaknesses and misconfigurations.
Extract the Supabase anon/public API key from client-side code. This key is expected in client apps but important for RLS testing.
Attempt to read data from exposed tables to verify actual data exposure and RLS effectiveness.
Set up HelpMeTest proxy tunnels for local development testing. Use when user needs to test localhost, wants to substitute production URLs with local ports, or needs to route multiple services. Use when user says 'set up proxy', 'test localhost', 'tunnel to local', or before running tests against local development servers.
Everything to do with tests on HelpMeTest. Use when: writing tests for a new feature, generating tests for an existing feature, fixing a broken test, debugging a failing test, tests broke after a UI change, tests are out of date after a refactor. Triggers on: 'write tests', 'generate tests', 'test is failing', 'fix tests', 'tests broke', 'implement X', 'add feature', 'fix bug', 'why does this test fail', 'tests are out of date'. If it involves HelpMeTest tests in any way, this is the skill.
Orchestrate a complete Supabase security audit with guided step-by-step execution and ownership confirmation.
Quick reference for all Supabase security audit skills with usage examples and command overview.
Generate a comprehensive Markdown security audit report with executive summary, findings, and remediation guidance.
Identify storage buckets that are publicly accessible and may contain sensitive data.
CRITICAL - Detect exposed PostgreSQL database connection strings in client-side code. Direct DB access is a P0 issue.
Attempt to list and read files from storage buckets to verify access controls.