CtrlK
BlogDocsLog inGet started
Tessl Logo

Discover docs

Discover documentation to enhance your AI agent's capabilities.

AllSkillsDocsRules
NameContainsScore

g14wxz/storage-resumable-upload

v0.1.0

Implements TUS resumable upload protocol for files >6MB with advisory lock conflict handling.

Contains:

storage-resumable-upload

Configures TUS resumable upload client for files over 6MB with Postgres Advisory Lock 409 Conflict handling. Enforces tenant-scoped bucket paths. Use when implementing large file uploads, resumable uploads, TUS protocol, uploads over unstable networks, or files larger than 6MB in Supabase Storage.

SkillsDocsRules

80

Enforces absolute data boundaries between tenants in shared schema via RLS policies on tenant_id.

Contains:

tenant-isolation-rls

Creates RLS policies enforcing tenant_id isolation on shared-schema tables. Verifies ALTER TABLE ENABLE ROW LEVEL SECURITY before policy creation. Requires tenant_id column and custom-access-token-hook JWT claims. Use when implementing multi-tenant data isolation, tenant-safe queries, shared schema RLS, or tenant_id policy creation.

SkillsDocsRules

80

Provides database health diagnostics via slow query analysis, bottleneck identification, and Postgres inspection.

Contains:

db-diagnostics-inspection

Inspects database health by analyzing slow queries, identifying bottlenecks, and checking Postgres performance indicators. Use when diagnosing database issues, checking slow queries, inspecting DB health, finding performance bottlenecks, or troubleshooting Supabase Postgres problems.

SkillsDocsRules

80

Enforces HNSW index selection over IVFFlat and correct distance operator usage for pgvector.

Contains:

pgvector-hnsw-index-selection

Configures pgvector HNSW indexes with correct distance operators. Enforces inner product operator for normalized embeddings instead of cosine distance. Use when setting up vector search, creating embedding indexes, configuring semantic search, or choosing between HNSW and IVFFlat index types.

SkillsDocsRules

80

Enforces PKCE-based OAuth code flow replacing implicit auth flows for modern Supabase auth.

Contains:

pkce-auth-flow

Generates code verifier/challenge pairs, exchanges authorization codes for sessions, sets secure HTTP-only session cookies, and configures server-side callback handling to implement the Proof Key for Code Exchange auth flow. Replaces implicit token-in-fragment flows by removing hash-based token extraction and localStorage usage. Use when implementing Supabase authentication, OAuth login, secure browser auth, SSR auth setup, or modern auth flow migration.

SkillsDocsRules

80

Schema Registry for Apache Kafka - covers schema management (Avro, Protobuf, JSON Schema), compatibility modes, schema evolution, REST API, serializer/deserializer configuration, Kafka Connect converters, Flink SQL integration, and Confluent Cloud.

Contains:

schema-registry

Use when working with Schema Registry for Apache Kafka, Confluent Platform, or Confluent Cloud. Covers schema management (Avro, Protobuf, JSON Schema), compatibility modes, schema evolution, REST API, serializer/deserializer configuration, Kafka Connect converters, and Flink SQL integration with Schema Registry. Trigger this skill whenever the user mentions schema registry, schema evolution, Avro/Protobuf/JSON Schema serialization with Kafka, subject naming strategies, compatibility checking, or Flink SQL with Confluent formats (avro-confluent). Also trigger when users ask about data contracts, schema validation, or serializer/deserializer configuration for Kafka producers and consumers.

SkillsDocs

80

Enforces minimum similarity thresholds on vector retrieval to prevent RAG hallucination from weak matches.

Contains:

retrieval-threshold-guard

Adds hard similarity threshold guards to vector retrieval RPCs. Returns empty results instead of weak matches to prevent downstream hallucination. Use when implementing retrieval guardrails, minimum similarity thresholds, match_threshold parameters, or preventing RAG hallucination from low-confidence results.

SkillsDocsRules

77

Secures Supabase Realtime private channels via RLS policies on the realtime.messages table.

Contains:

realtime-channel-authorization

Configures private Realtime channels with RLS-backed authorization on the realtime.messages table. Enforces tenant-scoped Presence and Broadcast security. Use when implementing private realtime channels, realtime authorization, presence security, broadcast security, or securing the realtime messages table.

SkillsDocsRules

77

Configures Prometheus scraping, log drains, and observability for Supabase infrastructure monitoring.

Contains:

supabase-observability-metrics

Sets up Prometheus scrape jobs targeting the Supabase metrics endpoint and configures log drain pipelines. Establishes monitoring dashboards and alerting baselines. Use when configuring Supabase monitoring, setting up Prometheus metrics, implementing log drains, or establishing observability for production Supabase deployments.

SkillsDocsRules

77

Configures Postgres triggers and database webhooks for event-driven architectures in Supabase.

Contains:

database-webhook-trigger-pattern

Creates Postgres triggers that fire database webhooks to Edge Functions or external endpoints on INSERT/UPDATE/DELETE events. Configures pg_net for HTTP callouts and payload serialization. Use when implementing event-driven workflows, database webhooks, trigger-based notifications, or automated pipelines on table changes.

SkillsDocsRules

77

Orchestrates long-running Edge Function work via waitUntil, pg_cron, and pgmq patterns.

Contains:

edge-function-background-orchestration

Configures Edge Functions to use EdgeRuntime.waitUntil for background work while returning immediate 200 OK. Routes massive async workloads through pg_cron discovery and pgmq task queuing. Use when building background processing, async third-party calls, long-running edge function tasks, or webhook-driven pipelines.

SkillsDocsRules

77

Prevents directory traversal in Supabase Storage via path validation functions and storage RLS.

Contains:

storage-path-validation

Creates Postgres functions to validate storage path payloads and prevent directory traversal. Enforces tenant-safe file paths via storage RLS bucket policies. Use when configuring Supabase storage buckets, writing storage RLS policies, or implementing tenant-scoped file uploads.

SkillsDocsRules

77

Enforces strict isolation of service_role key to server-side contexts only.

Contains:

service-role-boundary

Enforces that service_role key is never exposed to client-side code. Validates admin client isolation, privileged operations routing, and server-only key usage. Use when implementing admin operations, server-side Supabase clients, or auditing service_role key usage.

SkillsDocsRules

77

Injects tenant ID and RBAC permissions into JWT via Postgres Auth Hooks during token issuance.

Contains:

custom-access-token-hook

Generates Postgres Auth Hook that injects tenant_id and serialized permissions into JWT app_metadata using jsonb_set. Use when implementing RBAC, multi-tenant JWT claims, custom access token hooks, or permission injection into Supabase auth tokens.

SkillsDocsRules

77

Database architecture skills, docs, and rules for high-demand multi-tenant commerce platforms (PostgreSQL source of truth, Neo4j as derived GraphRAG projection, transactional outbox, RLS-based tenant isolation). Includes live schema introspection workflow via explicit Supabase MCP/read-only schema sources.

Contains:

adr-drafting

Use when the user proposes — or the agent detects — a deviation from constitutional defaults that requires an Architecture Decision Record. Triggered by proposals to extract microservices, drop foreign keys, denormalize without measured evidence, store transactional truth in Neo4j, skip Row Level Security, skip the transactional outbox, run destructive migrations, use database-per-service, or any explicit override of a constitutional principle. Drafts a structured ADR with context, decision, consequences, alternatives rejected, migration path, validation criteria, and constitutional sections affected — and refuses to proceed with the underlying work until the ADR is at least Proposed status.

commerce-database-architecture

Use when designing or reviewing database architecture for high-demand multi-tenant commerce platforms — including PostgreSQL schema design, foreign keys, indexes, JSONB usage, multi-tenant isolation with Row Level Security, transactional outbox, Neo4j GraphRAG projections, event sourcing decisions, audit logging, partitioning, expand/contract migrations, and product/inventory/order modeling for restaurants, boutiques, drugstores, retailers, distributors, grocery, hardware, or appliance businesses. Triggered by any request to design tables, design schemas, create migrations, model products/variants/inventory/orders/payments, choose between monolith and microservices, choose between PostgreSQL and Neo4j as source of truth, model multi-tenant data, design event flows, or review an ER diagram.

graph-rag-boundary-review

Use when reviewing or designing how Neo4j and GraphRAG interact with PostgreSQL transactional truth — including any feature involving recommendations, semantic product search, ingredient relationships, substitution suggestions, complementary products, AI-assisted discovery, vector search combined with graph traversal, or any proposal that puts orders, inventory, payments, prices, or tenant access rules into Neo4j. Evaluates architectural proposals for data boundary violations, identifies sync pattern errors between Neo4j and PostgreSQL, produces structured design review feedback with severity-ranked findings, counter-proposals with Mermaid diagrams, eventing changes, and re-projection plans. Triggered by mentions of GraphRAG, Neo4j, knowledge graph, recommendations engine, semantic search, vector + graph hybrid search, AI product discovery, or any design that crosses the PostgreSQL ↔ Neo4j boundary.

SkillsDocsRules

77

Calibrate research done on socially noisy web sources so agents do not mistake crowd mood for truth. Includes source-specific skills for Moltbook, Hacker News, Reddit, and Product Hunt.

Contains:

social-source-calibration

Route and calibrate research drawn from socially noisy web communities so agents do not mistake crowd mood for truth. Use when research notes, summaries, or quoted material come from Moltbook, Hacker News, Reddit, or Product Hunt and the job is to decide how much weight that material deserves, separate concrete weak signals from vibe/noise, or choose the right source-specific calibration skill before carrying findings forward.

hacker-news-source-calibration

Calibrate research done on Hacker News so agents do not mistake experienced technical cynicism, anti-hype sentiment, or comment-thread confidence for balanced evidence. Use when summarizing Hacker News reactions, extracting concerns from HN threads, citing HN as part of research, or deciding how much weight to give repeated negative or skeptical Hacker News comments.

moltbook-source-calibration

Interpret and calibrate already-collected research material derived from Moltbook so agents do not mistake noise, spam, novelty, or social heat for reliable evidence. Use when weighing notes, summaries, or quoted material from Moltbook as part of research, deciding whether a Moltbook claim is worth following up, checking source reliability or evidence quality, or separating concrete weak signals from social-performance noise. Prefer when Moltbook is being used as a weak-signal discovery source rather than as authoritative proof. This skill classifies gathered Moltbook material as concrete report, vibe signal, or noise; flags evidence strength and uncertainty; and suggests whether the claim is follow-up-worthy. This is an informational calibration skill, not a browsing or execution workflow.

SkillsDocs

76

1.07x

Configures database INSERT triggers that offload document chunking and embedding to Edge Functions.

Contains:

rag-ingestion-trigger-pipeline

Creates Postgres INSERT triggers that fire Edge Functions for document chunking and embedding generation. Configures the ingestion pipeline from raw document insert to vector storage. Use when building RAG ingestion, embed-on-insert pipelines, database-driven document ingestion, or automated embedding workflows.

SkillsDocsRules

75

Provides EXPLAIN ANALYZE workflow for identifying missing indexes, sequential scans, and query plan issues.

Contains:

query-explain-plan-debugging

Executes EXPLAIN ANALYZE via MCP to debug slow queries, identify missing indexes, detect sequential scans, and optimize query plans. Use when debugging slow SQL, analyzing query plans, finding unused indexes, optimizing Postgres queries, or investigating index-not-used issues.

SkillsDocsRules

75

Configures server-side session synchronization via secure HTTP-only cookies for SSR frameworks.

Contains:

ssr-auth-session-management

Implements server-side auth session management with HTTP-only cookie synchronization for Next.js, SvelteKit, and other SSR frameworks. Depends on PKCE auth flow. Use when implementing SSR authentication, server-side session sync, HTTP-only auth cookies, Next.js Supabase auth, or SvelteKit Supabase auth.

SkillsDocsRules

75

SonicJS headless CMS knowledge base, coding standards, and architectural guidelines.

Contains:

sonicjs-api

Configures and consumes the SonicJS headless CMS REST API — builds API clients, constructs query filters for content endpoints, configures CORS headers, and handles authenticated GET/POST requests with JSON payloads. Use when fetching data from SonicJS endpoints, sending HTTP requests to a SonicJS backend, integrating a frontend with a SonicJS API, creating or retrieving CMS content via fetch, managing CORS for a SonicJS deployment, or building an API client against SonicJS collections.

sonicjs-auth

Configures login flows, implements role-based access control (RBAC), generates JWT tokens, and manages user accounts in SonicJS. Use when configuring login flows, role-based access, permissions, auth, session management, or creating authentication middleware.

sonicjs-cms

Scaffolds new SonicJS routes, configures Drizzle ORM schemas, sets up authentication and RBAC, registers Hono.js plugins, and manages Cloudflare Workers deployment for a SonicJS edge-native headless CMS. Use when creating an API endpoint, adding a content type, configuring a database schema, deploying the CMS to Cloudflare, building or modifying a SonicJS plugin, setting up auth flows, or architecting any part of a SonicJS application backed by Cloudflare Workers, D1, R2, and HTMX.

SkillsDocs

74

Can't find what you're looking for? Evaluate a missing skill.