Discover documentation to enhance your AI agent's capabilities.
| Name | Contains | Score |
|---|---|---|
Implements TUS resumable upload protocol for files >6MB with advisory lock conflict handling. Contains: storage-resumable-upload Configures TUS resumable upload client for files over 6MB with Postgres Advisory Lock 409 Conflict handling. Enforces tenant-scoped bucket paths. Use when implementing large file uploads, resumable uploads, TUS protocol, uploads over unstable networks, or files larger than 6MB in Supabase Storage. | SkillsDocsRules | |
Enforces absolute data boundaries between tenants in shared schema via RLS policies on tenant_id. Contains: tenant-isolation-rls Creates RLS policies enforcing tenant_id isolation on shared-schema tables. Verifies ALTER TABLE ENABLE ROW LEVEL SECURITY before policy creation. Requires tenant_id column and custom-access-token-hook JWT claims. Use when implementing multi-tenant data isolation, tenant-safe queries, shared schema RLS, or tenant_id policy creation. | SkillsDocsRules | |
Provides database health diagnostics via slow query analysis, bottleneck identification, and Postgres inspection. Contains: db-diagnostics-inspection Inspects database health by analyzing slow queries, identifying bottlenecks, and checking Postgres performance indicators. Use when diagnosing database issues, checking slow queries, inspecting DB health, finding performance bottlenecks, or troubleshooting Supabase Postgres problems. | SkillsDocsRules | |
Enforces HNSW index selection over IVFFlat and correct distance operator usage for pgvector. Contains: pgvector-hnsw-index-selection Configures pgvector HNSW indexes with correct distance operators. Enforces inner product operator for normalized embeddings instead of cosine distance. Use when setting up vector search, creating embedding indexes, configuring semantic search, or choosing between HNSW and IVFFlat index types. | SkillsDocsRules | |
v0.1.0 Enforces PKCE-based OAuth code flow replacing implicit auth flows for modern Supabase auth. Contains: pkce-auth-flow Generates code verifier/challenge pairs, exchanges authorization codes for sessions, sets secure HTTP-only session cookies, and configures server-side callback handling to implement the Proof Key for Code Exchange auth flow. Replaces implicit token-in-fragment flows by removing hash-based token extraction and localStorage usage. Use when implementing Supabase authentication, OAuth login, secure browser auth, SSR auth setup, or modern auth flow migration. | SkillsDocsRules | |
v0.2.0 Schema Registry for Apache Kafka - covers schema management (Avro, Protobuf, JSON Schema), compatibility modes, schema evolution, REST API, serializer/deserializer configuration, Kafka Connect converters, Flink SQL integration, and Confluent Cloud. Contains: schema-registry Use when working with Schema Registry for Apache Kafka, Confluent Platform, or Confluent Cloud. Covers schema management (Avro, Protobuf, JSON Schema), compatibility modes, schema evolution, REST API, serializer/deserializer configuration, Kafka Connect converters, and Flink SQL integration with Schema Registry. Trigger this skill whenever the user mentions schema registry, schema evolution, Avro/Protobuf/JSON Schema serialization with Kafka, subject naming strategies, compatibility checking, or Flink SQL with Confluent formats (avro-confluent). Also trigger when users ask about data contracts, schema validation, or serializer/deserializer configuration for Kafka producers and consumers. | SkillsDocs | |
Enforces minimum similarity thresholds on vector retrieval to prevent RAG hallucination from weak matches. Contains: retrieval-threshold-guard Adds hard similarity threshold guards to vector retrieval RPCs. Returns empty results instead of weak matches to prevent downstream hallucination. Use when implementing retrieval guardrails, minimum similarity thresholds, match_threshold parameters, or preventing RAG hallucination from low-confidence results. | SkillsDocsRules | |
Secures Supabase Realtime private channels via RLS policies on the realtime.messages table. Contains: realtime-channel-authorization Configures private Realtime channels with RLS-backed authorization on the realtime.messages table. Enforces tenant-scoped Presence and Broadcast security. Use when implementing private realtime channels, realtime authorization, presence security, broadcast security, or securing the realtime messages table. | SkillsDocsRules | |
Configures Prometheus scraping, log drains, and observability for Supabase infrastructure monitoring. Contains: supabase-observability-metrics Sets up Prometheus scrape jobs targeting the Supabase metrics endpoint and configures log drain pipelines. Establishes monitoring dashboards and alerting baselines. Use when configuring Supabase monitoring, setting up Prometheus metrics, implementing log drains, or establishing observability for production Supabase deployments. | SkillsDocsRules | |
Configures Postgres triggers and database webhooks for event-driven architectures in Supabase. Contains: database-webhook-trigger-pattern Creates Postgres triggers that fire database webhooks to Edge Functions or external endpoints on INSERT/UPDATE/DELETE events. Configures pg_net for HTTP callouts and payload serialization. Use when implementing event-driven workflows, database webhooks, trigger-based notifications, or automated pipelines on table changes. | SkillsDocsRules | |
Orchestrates long-running Edge Function work via waitUntil, pg_cron, and pgmq patterns. Contains: edge-function-background-orchestration Configures Edge Functions to use EdgeRuntime.waitUntil for background work while returning immediate 200 OK. Routes massive async workloads through pg_cron discovery and pgmq task queuing. Use when building background processing, async third-party calls, long-running edge function tasks, or webhook-driven pipelines. | SkillsDocsRules | |
Prevents directory traversal in Supabase Storage via path validation functions and storage RLS. Contains: storage-path-validation Creates Postgres functions to validate storage path payloads and prevent directory traversal. Enforces tenant-safe file paths via storage RLS bucket policies. Use when configuring Supabase storage buckets, writing storage RLS policies, or implementing tenant-scoped file uploads. | SkillsDocsRules | |
Enforces strict isolation of service_role key to server-side contexts only. Contains: service-role-boundary Enforces that service_role key is never exposed to client-side code. Validates admin client isolation, privileged operations routing, and server-only key usage. Use when implementing admin operations, server-side Supabase clients, or auditing service_role key usage. | SkillsDocsRules | |
Injects tenant ID and RBAC permissions into JWT via Postgres Auth Hooks during token issuance. Contains: custom-access-token-hook Generates Postgres Auth Hook that injects tenant_id and serialized permissions into JWT app_metadata using jsonb_set. Use when implementing RBAC, multi-tenant JWT claims, custom access token hooks, or permission injection into Supabase auth tokens. | SkillsDocsRules | |
Database architecture skills, docs, and rules for high-demand multi-tenant commerce platforms (PostgreSQL source of truth, Neo4j as derived GraphRAG projection, transactional outbox, RLS-based tenant isolation). Includes live schema introspection workflow via explicit Supabase MCP/read-only schema sources. Contains: adr-drafting Use when the user proposes — or the agent detects — a deviation from constitutional defaults that requires an Architecture Decision Record. Triggered by proposals to extract microservices, drop foreign keys, denormalize without measured evidence, store transactional truth in Neo4j, skip Row Level Security, skip the transactional outbox, run destructive migrations, use database-per-service, or any explicit override of a constitutional principle. Drafts a structured ADR with context, decision, consequences, alternatives rejected, migration path, validation criteria, and constitutional sections affected — and refuses to proceed with the underlying work until the ADR is at least Proposed status. commerce-database-architecture Use when designing or reviewing database architecture for high-demand multi-tenant commerce platforms — including PostgreSQL schema design, foreign keys, indexes, JSONB usage, multi-tenant isolation with Row Level Security, transactional outbox, Neo4j GraphRAG projections, event sourcing decisions, audit logging, partitioning, expand/contract migrations, and product/inventory/order modeling for restaurants, boutiques, drugstores, retailers, distributors, grocery, hardware, or appliance businesses. Triggered by any request to design tables, design schemas, create migrations, model products/variants/inventory/orders/payments, choose between monolith and microservices, choose between PostgreSQL and Neo4j as source of truth, model multi-tenant data, design event flows, or review an ER diagram. graph-rag-boundary-review Use when reviewing or designing how Neo4j and GraphRAG interact with PostgreSQL transactional truth — including any feature involving recommendations, semantic product search, ingredient relationships, substitution suggestions, complementary products, AI-assisted discovery, vector search combined with graph traversal, or any proposal that puts orders, inventory, payments, prices, or tenant access rules into Neo4j. Evaluates architectural proposals for data boundary violations, identifies sync pattern errors between Neo4j and PostgreSQL, produces structured design review feedback with severity-ranked findings, counter-proposals with Mermaid diagrams, eventing changes, and re-projection plans. Triggered by mentions of GraphRAG, Neo4j, knowledge graph, recommendations engine, semantic search, vector + graph hybrid search, AI product discovery, or any design that crosses the PostgreSQL ↔ Neo4j boundary. mermaid-diagram-review Use when the user shares a Mermaid ER diagram, schema sketch, or relationship diagram and asks for review, feedback, validation, or critique — including phrases like "what do you think of this", "look at this diagram", "I have this in mind", "can we model it like this", or pastes any block starting with "erDiagram" or "classDiagram". Validates the diagram against the constitution, returns a five-section structured response (constitutional violations, counter-proposal with improved Mermaid, migration plan if existing schema applies, test surface, open questions), and never silently accepts a design that violates tenant isolation, eventing, or graph-RAG boundaries. outbox-and-eventing-design Use when designing or reviewing the eventing layer of the commerce platform — including transactional outbox tables, outbox relays, domain event catalogs, idempotency keys, audit logs, memento snapshots, event sourcing decisions, and Neo4j projection workers. Triggered by requests to design events, design integration with external systems, design notification flows, design data sync to Neo4j or analytics warehouses, decide between event sourcing and CRUD, or review existing outbox / audit / event-sourcing schemas. postgres-schema-introspection Use when the agent needs to inspect the actual current state of a PostgreSQL database before answering a schema question — including before adding columns, before reviewing diagrams, before proposing migrations, or whenever the snapshot in .specify/memory/current-schema-state.md is stale. Connects via the configured Supabase MCP/read-only schema source, queries catalog metadata through list_tables or SELECT-only catalog SQL, and refreshes the snapshot file. Triggered by any "let me check what's already there", "what columns does X have", "what indexes exist on Y", "what does the schema look like", or by the snapshot being older than 24 hours. schema-evolution-workflow Use when the user wants to add an attribute, modify an entity, or model a new concept on top of an existing PostgreSQL schema — including phrases like "add a column to", "track this on the product", "we need to store", "model this concept", "extend the order with", "where should this live", or "should this be a new table". Inspects current state via the postgres-schema-introspection skill, runs a five-placement analysis (new column / JSONB key / EAV row / new related table / wrong entity), maps blast radius across foreign keys, outbox events, Neo4j projections, RLS, and indexes, and produces an expand/contract migration plan with rollback and tests. | SkillsDocsRules | |
Calibrate research done on socially noisy web sources so agents do not mistake crowd mood for truth. Includes source-specific skills for Moltbook, Hacker News, Reddit, and Product Hunt. Contains: social-source-calibration Route and calibrate research drawn from socially noisy web communities so agents do not mistake crowd mood for truth. Use when research notes, summaries, or quoted material come from Moltbook, Hacker News, Reddit, or Product Hunt and the job is to decide how much weight that material deserves, separate concrete weak signals from vibe/noise, or choose the right source-specific calibration skill before carrying findings forward. hacker-news-source-calibration Calibrate research done on Hacker News so agents do not mistake experienced technical cynicism, anti-hype sentiment, or comment-thread confidence for balanced evidence. Use when summarizing Hacker News reactions, extracting concerns from HN threads, citing HN as part of research, or deciding how much weight to give repeated negative or skeptical Hacker News comments. moltbook-source-calibration Interpret and calibrate already-collected research material derived from Moltbook so agents do not mistake noise, spam, novelty, or social heat for reliable evidence. Use when weighing notes, summaries, or quoted material from Moltbook as part of research, deciding whether a Moltbook claim is worth following up, checking source reliability or evidence quality, or separating concrete weak signals from social-performance noise. Prefer when Moltbook is being used as a weak-signal discovery source rather than as authoritative proof. This skill classifies gathered Moltbook material as concrete report, vibe signal, or noise; flags evidence strength and uncertainty; and suggests whether the claim is follow-up-worthy. This is an informational calibration skill, not a browsing or execution workflow. product-hunt-source-calibration Interpret and calibrate already-collected research material derived from Product Hunt so agents do not mistake launch-day momentum, supportive comments, or leaderboard position for durable product quality or market truth. Use when weighing notes, summaries, reviews, rankings, or quoted material from Product Hunt as part of research, or when deciding how much weight to give Product Hunt launch traction, comments, and maker feedback. This is an informational calibration skill, not a browsing or execution workflow. reddit-source-calibration Calibrate research done on Reddit so agents do not mistake subreddit culture, anecdotal intensity, or comment popularity for reliable evidence. Use when summarizing Reddit threads, extracting recurring user pain from Reddit discussions, citing Reddit as part of research, or deciding how much weight to give repeated subreddit sentiment. | SkillsDocs | |
Configures database INSERT triggers that offload document chunking and embedding to Edge Functions. Contains: rag-ingestion-trigger-pipeline Creates Postgres INSERT triggers that fire Edge Functions for document chunking and embedding generation. Configures the ingestion pipeline from raw document insert to vector storage. Use when building RAG ingestion, embed-on-insert pipelines, database-driven document ingestion, or automated embedding workflows. | SkillsDocsRules | |
Provides EXPLAIN ANALYZE workflow for identifying missing indexes, sequential scans, and query plan issues. Contains: query-explain-plan-debugging Executes EXPLAIN ANALYZE via MCP to debug slow queries, identify missing indexes, detect sequential scans, and optimize query plans. Use when debugging slow SQL, analyzing query plans, finding unused indexes, optimizing Postgres queries, or investigating index-not-used issues. | SkillsDocsRules | |
Configures server-side session synchronization via secure HTTP-only cookies for SSR frameworks. Contains: ssr-auth-session-management Implements server-side auth session management with HTTP-only cookie synchronization for Next.js, SvelteKit, and other SSR frameworks. Depends on PKCE auth flow. Use when implementing SSR authentication, server-side session sync, HTTP-only auth cookies, Next.js Supabase auth, or SvelteKit Supabase auth. | SkillsDocsRules | |
v2.11.2 SonicJS headless CMS knowledge base, coding standards, and architectural guidelines. Contains: sonicjs-api Configures and consumes the SonicJS headless CMS REST API — builds API clients, constructs query filters for content endpoints, configures CORS headers, and handles authenticated GET/POST requests with JSON payloads. Use when fetching data from SonicJS endpoints, sending HTTP requests to a SonicJS backend, integrating a frontend with a SonicJS API, creating or retrieving CMS content via fetch, managing CORS for a SonicJS deployment, or building an API client against SonicJS collections. sonicjs-auth Configures login flows, implements role-based access control (RBAC), generates JWT tokens, and manages user accounts in SonicJS. Use when configuring login flows, role-based access, permissions, auth, session management, or creating authentication middleware. sonicjs-cms Scaffolds new SonicJS routes, configures Drizzle ORM schemas, sets up authentication and RBAC, registers Hono.js plugins, and manages Cloudflare Workers deployment for a SonicJS edge-native headless CMS. Use when creating an API endpoint, adding a content type, configuring a database schema, deploying the CMS to Cloudflare, building or modifying a SonicJS plugin, setting up auth flows, or architecting any part of a SonicJS application backed by Cloudflare Workers, D1, R2, and HTMX. sonicjs-core Explains SonicJS core architecture, configures Hono routes, sets up middleware chains, and organises project directory structure. Use when the user asks about overall SonicJS architecture, configuring Hono routing, wiring up middleware handlers, scaffolding project directories, or understanding the middleware execution order (Bootstrap → Logging → Security → Standard → Route-Specific → Handler). sonicjs-database D1 database, Drizzle ORM schemas, database migrations, and schema configurations for SonicJS. Use when defining table schemas, generating migration files, writing select/insert/update queries, applying D1 migrations, or setting up and configuring collections with Drizzle ORM. sonicjs-forms Form.io integration, form creation, submission routing, shadow collections, and content mapping for SonicJS. Use when building form builders, querying form submissions, handling form data, working with form fields, or integrating the Form.io API in SonicJS. sonicjs-ops Deploys SonicJS applications to Cloudflare Workers, runs Vitest unit and Playwright E2E test suites, executes Drizzle ORM database migrations, manages Cloudflare D1/KV/R2 resources, and configures secrets via Wrangler CLI. Use when deploying to Cloudflare Workers, running migrations against D1 databases, executing Vitest or Playwright test suites, setting up local development, or managing production secrets. sonicjs-plugins Extends SonicJS functionality via modular plugins including Authentication (OTP, Magic Link), Editor (EasyMDE, TinyMCE, Quill), and Utility types. Use when adding, activating, building, or configuring a plugin, extension, hook, or add-on within SonicJS — including enabling passwordless auth flows, registering editor middleware, managing plugin lifecycle and dependencies, or interacting with the plugin API. | SkillsDocs |
Can't find what you're looking for? Evaluate a missing skill.