Use Supabase (read-only)
Instructions
- •Load env vars (without printing secrets):
set -a; source .env; set +aor equivalent soSUPA_URLandSUPA_SERVICE_ROLE_KEYare set. - •Never echo or log
SUPA_SERVICE_ROLE_KEY; only pass it via headers. - •Base headers for REST calls:
- •
-H "apikey: $SUPA_SERVICE_ROLE_KEY" - •
-H "Authorization: Bearer $SUPA_SERVICE_ROLE_KEY" - •
-H "Accept-Profile: ${SUPA_SCHEMA:-public}" - •Optional: add
-H "Prefer: count=exact"when you need counts.
- •
- •List tables (scoped by schema):
bash
curl -s "$SUPA_URL/rest/v1/pg_catalog.pg_tables?schemaname=eq.${SUPA_SCHEMA:-public}&select=schemaname,tablename,tableowner" \ -H "apikey: $SUPA_SERVICE_ROLE_KEY" -H "Authorization: Bearer $SUPA_SERVICE_ROLE_KEY" - •Inspect columns for a table:
bash
TABLE="your_table" curl -s "$SUPA_URL/rest/v1/information_schema.columns?table_schema=eq.${SUPA_SCHEMA:-public}&table_name=eq.${TABLE}&select=column_name,data_type,is_nullable,column_default,udt_name,character_maximum_length" \ -H "apikey: $SUPA_SERVICE_ROLE_KEY" -H "Authorization: Bearer $SUPA_SERVICE_ROLE_KEY" - •Pull sample rows (read-only) with sane limits/ordering:
bash
curl -s "$SUPA_URL/rest/v1/${TABLE}?select=*&limit=50&order=created_at.desc" \ -H "apikey: $SUPA_SERVICE_ROLE_KEY" -H "Authorization: Bearer $SUPA_SERVICE_ROLE_KEY" - •For joins or filters, use PostgREST query params (e.g.,
?select=id,profile(id,name)&user_id=eq.123). Keep requests GET/HEAD for read-only. - •If
SUPA_HOST,SUPA_ORIGIN, orSUPA_REFERERare set, include matching headers to satisfy Supabase CORS constraints. - •Avoid writes (
POST/PATCH/DELETE) unless explicitly asked; this skill is for inspection.
Example prompts
- •"Show the columns and types for table chat_logs in Supabase"
- •"Fetch 20 newest rows from public.messages"
- •"List all tables under the public schema"