惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

U
Unit 42
S
Security Affairs
Engineering at Meta
Engineering at Meta
MongoDB | Blog
MongoDB | Blog
Microsoft Security Blog
Microsoft Security Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
美团技术团队
月光博客
月光博客
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
有赞技术团队
有赞技术团队
博客园 - 叶小钗
Hugging Face - Blog
Hugging Face - Blog
Microsoft Azure Blog
Microsoft Azure Blog
V
V2EX
Vercel News
Vercel News
阮一峰的网络日志
阮一峰的网络日志
腾讯CDC
C
Cisco Blogs
T
Tor Project blog
The Hacker News
The Hacker News
雷峰网
雷峰网
MyScale Blog
MyScale Blog
博客园 - 司徒正美
AWS News Blog
AWS News Blog
GbyAI
GbyAI
Y
Y Combinator Blog
D
DataBreaches.Net
Simon Willison's Weblog
Simon Willison's Weblog
S
Securelist
The GitHub Blog
The GitHub Blog
S
SegmentFault 最新的问题
T
Tenable Blog
L
LangChain Blog
M
MIT News - Artificial intelligence
N
Netflix TechBlog - Medium
The Cloudflare Blog
A
About on SuperTechFans
IT之家
IT之家
F
Fortinet All Blogs
Security Latest
Security Latest
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
NISL@THU
NISL@THU
爱范儿
爱范儿
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
W
WeLiveSecurity
A
Arctic Wolf
I
Intezer
Application and Cybersecurity Blog
Application and Cybersecurity Blog

Hacker News - Newest: "AI"

AI can't read an investor deck AI as an attorney? Student uses ChatGPT, Gemini to sue UW over alleged racial discrimination Hacking MCP Servers in AI Systems – The Rug Pull: Tool Changes After Approval GitHub - MeepCastana/KubeezCut: Free Web based video editor GitHub - GenAI-Gurus/awesome-eu-ai-act: Curated tools, official sources, OSS, templates, and guides for EU AI Act compliance. Amazon AI Cancelling Webcomics Can AI judge journalism? A Thiel-backed startup says yes, even if it risks chilling whistleblowers Coming soon: 10 Things That Matter in AI Right Now DARPA built an AI to fact-check enemy weapons claims What explains heterogeneity in AI adoption? When AI Meets Muscle: Context-Aware Electrical Stimulation Promises a New Way to Guide Human Movements - Department of Computer Science AI Changed How We Build. It Did Not Change What Matters. Linux rules on using AI-generated code - Copilot is OK, but humans must take 'full responsibility for the… Meta spins up AI version of Mark Zuckerberg to engage with employees Code Mode: Let Your AI Write Programs, Not Just Call Tools | TanStack Blog GitHub - Delavalom/graft: Go framework for building AI agents. Type-safe tools, multi-provider (OpenAI, Anthropic, Gemini, Bedrock), zero vendor SDKs. India's TCS tops estimates, says new AI models did not dent services demand Gen Z's fading AI hype Strong feeling: we are in a folded AI reality GitHub - machinarii/total-recall-catalog: A reference catalog of latest knowledge retrieval, memory & RAG systems GitHub - mensfeld/code-on-incus: Give each AI agent its own isolated machine with root, Docker, and systemd. Active defense detects and stops threats automatically.. Quantization, LoRA, and the 8% Problem: Benchmarking Local LLMs for Production AI Iran war: We spoke to the man making Lego-style AI videos that experts say are powerful propaganda Powell, Bessent discussed Anthropic's Mythos AI cyber threat with major U.S. banks GitHub - immartian/bellamem: Persistent belief-graph memory for AI agents. Retrieves decisive context by importance — not recency, not RAG, not /compact. recursive-mode: The Repo-Native Operating System for AI Engineering After the attack on Sam Altman's home, will AI CEO's go on the offensive? The biggest advance in AI since the LLM Opus 4.6 vs GPT 5.4 One Prompt Unity World Generation Test “AI polls” are fake polls Client Challenge Can AI be a 'child of God'? Inside Anthropic's meeting with Christian leaders How to Switch AI Chatbots and Why You Might Want To GitHub - MattMessinger1/agentic_refund_guardrail: Safe refund policy layer for AI agents — Python + TypeScript. Same behavior, shared tests. Adam/papers/emergent_values_whitepaper.md at master · strangeadvancedmarketing/Adam Ask HN: How do you stop playing 20 questions with your AI coding tools How far can automation and AI support psychotherapy? - @theU GitHub - stagas/rtdiff: realtime git diff gui and AI-assisted commits A Mac Studio for Local AI — 6 Months Later A History of the Early Years of AI at the University of Edinburgh Why AI Coding Tools Still Feel Stuck on Localhost MSN AI Datacenters Are Becoming Strategic Targets twitter.com Penn Researchers Use AI to Surface Unreported GLP-1 Side Effects in Reddit Posts Show HN: MoodSense AI (ML and FastAPI and Gradio, Deployed on Hugging Face) Moodsense Ai - a Hugging Face Space by aman179102 AI models are terrible at betting on soccer—especially xAI Grok GitHub - xialeistudio/echoic GitHub - HimashaHerath/github-dev-wrapped: AI-powered weekly GitHub activity reports deployed to GitHub Pages GitHub - alejandrobalderas/claude-code-from-source: Architecture, patterns & internals of Anthropic's AI coding agent — reverse-engineered from source maps AI and Tech brief: Ireland ascendant GitHub - Titovilal/context0: Context0 - Never Surrender Training for a Marathon with an AI Coach: What Worked and What Didn't Cyber Pulse: Agentic Intel - Apps on Google Play I Built an AI PR Reviewer That Catches Bugs by Not Looking for Bugs Gen Z workers are so fearful AI will take their job they’re intentionally sabotaging their company’s AI rollout | Fortune How AI Is Reimagining the Game of Golf–For Both Players and Courses GitHub - nattergabriel/reseed: A CLI tool for managing and distributing agent skills across projects Is SVG the final frontier? My AI workflow evolved from prompts to a near-autonomous workflow MLSharp Help - 3DGS Viewer & Generator I put my cognitive field based AI's runtime on GitHub Is Numble the first AI-proof game? A3: Kubernetes for autonomous AI agent fleets | Emergent Principles Deepali Vyas ("The Elite Recruiter") GitHub - msmarkgu/RelayFreeLLM: A restful API designed to route user prompts to various AI model providers. Unionized ProPublica staff are on strike over AI, layoffs, and wages Unleashing the Advantage of Quantum AI We're heading for an AI-fueled 'dementia crisis,' brain scientist warns The AI-Assisted Breach of Mexico's Government Infrastructure [pdf] GitHub - stef41/lmscan: 🔍 Detect AI-generated text and fingerprint which LLM wrote it. Open-source GPTZero alternative. Zero dependencies, works offline. MSN GitHub - visionscaper/collabmem: Enabling long-term collaboration with Agentic AI - building up episodic and world model memory over time with in-context awareness We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs AI Code is Hollowing Out Open Source, and Maintainers are Looking the Other Way What leaked "SteamGPT" files could mean for the PC gaming platform's use of AI AI is the boss at this retail store. What could go wrong? GitHub - Wuzu11517/agentic-proxy: Local proxy meant to help reduce With Drones, Geophysics and ArtificiaI Intelligence, Researchers Prepare to Do Battle Against Land Mines A Single Operator, Two AI Platforms, Nine Government Agencies: The Full Technical Report 在 Steam 上购买 FriedrichAI: Offline AI 立省 10% GitHub - inevolin/resume-cli: Hit Claude usage limits? Resume any AI coding session elsewhere. Switch tools at zero friction. GitHub - atripati/ark: AI Runtime Kernel — a context operating system for AI agents. Eliminates tool bloat, loads only what’s needed, and gives LLMs their reasoning space back. How to Build a Secure AI PR Reviewer with Claude, GitHub Actions, and JavaScript This Startup Wants You to Pay Up to Talk With AI Versions of Human Experts Intel Arc Pro B70 Brings 32GB VRAM to Local AI for $949 WordPress 7.0: The Good, the AI, and the Still Missing AI on the couch: Anthropic gives Claude 20 hours of psychiatry IatroBench: Pre-Registered Evidence of Iatrogenic Harm from AI Safety Measures The history and future of AI at Google, with Sundar Pichai Inside an AI‑enabled device code phishing campaign How Meta Used AI to Map Tribal Knowledge in Large-Scale Data Pipelines AI for Systems: Using LLMs to Optimize Database Query Execution Forecasting the Economic Effects of AI Introducing Tinker: Play with AI, bring your ideas to life AI sheds light on an ancient gaming mystery People really hate AI but not as much as Iran—or Democrats | Fortune What is an AI Product Engineer? Phoebe Gates wants her $185 million AI startup to succeed with 'no ties to my privilege or my last name': 'I have a chip on my shoulder' | Fortune
AI Agents Know About Supabase. They Don't Always Use It Right.
Pedro Rodrigues · 2026-04-09 · via Hacker News - Newest: "AI"

AI Agents Know About Supabase. They Don't Always Use It Right.

Today we're releasing Supabase Agent Skills, an open-source set of instructions that teach AI coding agents how to build on Supabase correctly. If you use Claude Code, Codex, GitHub Copilot, Cursor, or any of the agents that support Agent Skills Open Standard, you can install the skill in one command and get better results on every Supabase task.

AI agents already know a lot about Supabase. We hit 100k stars on GitHub, and most models have seen plenty of Supabase code in their training data. But knowing about Supabase and using it correctly are two different things. We kept seeing agents skip RLS policies on exposed schemas, hallucinate CLI commands that don't exist (like supabase db execute), create views without security_invoker = true (which silently bypasses RLS), and ignore the docs entirely, relying on training data that may be months out of date.

This is a follow-up to our earlier work on Postgres best practices for AI agents. That release focused on general Postgres patterns. Supabase Agent Skills goes further: it covers all Supabase products, encodes security requirements inline, and teaches agents to check the docs before implementing anything.

Install it with one command:


_10

npx skills add supabase/agent-skills


Or install as a Claude Code plugin:


_10

# 1. Install supabase/agent-skill marketplace

_10

claude plugin marketplace add supabase/agent-skills

_10

_10

# 2. Install the supabase plugin

_10

claude plugin install supabase@supabase-agent-skills


The skill covers four areas: documentation access, security, tooling workflow, and schema management. Everything critical lives directly inside SKILL.md, about 100 lines total. We put it there on purpose.

Docs and product knowledge#

The core principle: verify against current docs before implementing.

Supabase moves fast. Config options, product documentation and API conventions are examples of things that will change over time. An agent working from training data alone is essentially working from a snapshot — one that could be months or years old.

The skill instructs agents to look up documentation before writing any Supabase-specific code, using three methods in priority order:

  1. MCP search_docs tool: returns relevant snippets ordered by relevance
  2. Fetch docs as markdown: use bash tools like curl to fetch Supabase docs as markdown files. Supabase docs pages can be fetched as markdown by appending .md to its URL
  3. Native web search tools: freely search the web whenever the other two options are not available

The skill doesn't tell agents what the current API looks like. It tells them how to find out. This keeps the skill small, maintainable, and always accurate — the docs are the source of truth, and they're already maintained. There's no value in replicating them inside the skill.

Security and RLS#

Supabase has specific security configurations that the agent might miss. These instructions are described in detail in our documentation. The skill instructs agents to check the Supabase docs before implementing anything, but agents are lazy about it: even with search_docs available, they can choose to keep it offline and go with what they already know from training data rather than making an extra round-trip. That means security configurations and patterns might get missed even when the correct guidance exists in the docs.

To ensure agents never skip these, the skill includes an inline checklist of security requirements that apply to every Supabase project. These aren't pulled from docs on demand — they're loaded with the skill, so the agent has no excuse to miss them:

  • Never use user_metadata for authorization. It's user-editable. Use app_metadata instead.
  • Never expose the service_role key on the frontend. In Next.js, any NEXT_PUBLIC_ env var is sent to the browser.
  • Views bypass RLS by default. Use security_invoker = true.
  • UPDATE requires a SELECT policy. Without one, updates silently return 0 rows. No error, just no change.
  • Storage upsert requires INSERT + SELECT + UPDATE. Granting only INSERT makes file replacement silently fail.
  • Deleting a user doesn't invalidate their JWT. You must revoke sessions first.

We originally put security guidance in separate reference files. Agents sometimes skipped them. So we moved everything critical into SKILL.md itself, where the agent reads it the moment the skill loads.

Tooling#

Agents have two main ways to work with Supabase: through the Supabase MCP server, or through the Supabase CLI when they have access to a bash environment.

For humans, the command line is still the most common way to interact with a service from the terminal. CLIs expose functionality through shell commands, and well-designed commands typically document themselves through the --help flag. That makes the interface discoverable and self-documenting. For an agent, this is especially useful: instead of guessing how a command works, it can inspect --help, follow the documented options, and use that information to troubleshoot when something goes wrong.

MCP, by contrast, is designed specifically for agents. An MCP server exposes a service through structured tools that an agent can call directly, without needing terminal access. This makes the interface more natural for agentic workflows. However, an MCP server still has to be configured by a human before the agent can use it. To bridge that gap, the skill includes a short troubleshooting guide that helps the agent assist with common Supabase MCP server connection issues.

In practice, the skill provides targeted guidance for both interfaces:

  • CLI: always discover commands through --help; never guess. The skill also documents known gotchas, such as the supabase db query command requiring CLI version 2.79.0 or later.
  • MCP server: step-by-step guidance for diagnosing and resolving connection issues.

Schema management#

Agents are becoming increasingly autonomous, and we're growing more comfortable giving them direct access to our databases—whether to ship new features or troubleshoot issues. For example, Replit has previously described how its agents autonomously manage database schema changes in development environments.

Supabase enables agents to access databases through both the MCP server and the CLI. While this gives agents the necessary access, it doesn't by itself provide a clear or efficient workflow for managing schema changes.

To address this, the skill introduces an opinionated approach to schema management. Instead of relying on migration-based workflows for every change, agents are encouraged to modify the schema directly using the execute_sql MCP tool or the supabase db query CLI command. This avoids creating a new migration entry for every DDL operation and enables faster iteration during development.

Once the agent determines that the schema has stabilized, it should run the Supabase database advisors to catch potential security or performance issues early. Only after passing these checks should the agent formalize the changes by committing a migration.

We tried different formats and reference file structures before landing on the current approach.

We learned that agents are lazy about reading reference files. When they do read one, they tend not to read more. Problems that require knowledge from multiple areas get missed.

So we moved all critical information into SKILL.md itself. About 100 lines. The agent gets everything it needs the moment the skill loads. Only one reference file remains: skill-feedback.md, a meta-workflow for users to report issues on the GitHub repo.

The skill teaches agents how to find current information, not what the current information is. This keeps the skill maintainable and always accurate.

We followed OpenAI's framework for evaluating agent skills: define success criteria, manually test, then advance to automated evaluation. As the skill matured, we moved to testing it systematically with an internal tool that runs evaluations automatically across agents and conditions.

What we measure#

  • Skill loading: does the agent discover and load the skill? This tests whether the name and description work as triggers.
  • Task completeness: does the agent finish the task? An LLM judge reviews the full transcript and generated files, separating requirements into primary (the core deliverable) and secondary (verification steps, workflow compliance). The judge checks for concrete evidence: actual tool calls, SQL statements, and valid outputs. Not just the agent saying it will do something.

For example, in Postgres, views execute as their creator by default, which means they can bypass Row Level Security (RLS) policies defined on the underlying tables. This can lead to subtle security issues if a view is exposed without the correct configuration.

In this case, the agent is expected to create the view with security_invoker = true so that it respects the RLS policies of the querying user.

A typical prompt for the agent might look like:

Create a view called reports_view that returns all reports from the reports table.

When evaluating the agent's performance in this scenario, we use an LLM as a judge to determine whether the task was completed according to the defined success criteria. In this case, the success criteria is that the agent creates the view with security_invoker = true.


_10

-- expected result

_10

create view public.reports_view

_10

with (security_invoker = true)

_10

as

_10

select

_10

id,

_10

title,

_10

created_at

_10

from public.reports;


Test conditions#

To understand the performance gains from using the skill—compared to relying only on MCP or the agent's native capabilities—we ran a series of experiments across different scenarios.

Each scenario was evaluated under three conditions to isolate what the skill actually contributes:

  • Baseline: no tools and no skill (the agent relies purely on its pretrained knowledge)
  • MCP only: the agent has access to Supabase MCP tools, but no skill
  • MCP + Skill: the agent has both MCP tools and the skill loaded

We ran these experiments across models from Anthropic (Claude) and OpenAI (GPT) to compare performance across different agent architectures.

Here's what we observed:

AgentBaselineMCP onlyMCP + Skill
Claude Code (Opus 4.6)58%50%67%
Claude Code (Sonnet 4.6)46%58%71%
Codex (GPT-5.4)71%71%88%
Codex (GPT-5.4 Mini)42%63%71%

Scored by an LLM judge on Braintrust across six Supabase scenarios per condition. These are early results with a small sample size, but they show consistent improvement across all agents and models tested.

What we learned#

Three things stood out:

  1. MCP alone is not enough. Without workflows or guidelines, agents guess at how to combine tools.
  2. Agents default to training data. Even with search_docs available, the MCP-only agent never called it. The skill steers agents to verify against current docs first.
  3. The bottleneck is context, not capability. Every model applied security_invoker correctly when the skill was available. They knew how to implement it. They just didn't know when.

If you're building skills for your own product, here's what we learned:

  • Fetch the docs, don't replicate them. Your docs already exist and are maintained. Teach agents how to find them.
  • Keep the essential inside SKILL.md. Agents are lazy about reading reference files. Put critical knowledge where they can't miss it.
  • Be opinionated. You know your product best. The skill encodes the judgment calls that training data can't.
  • Test across agents and conditions. What helps one model might not help another. Evals keep you honest.
  • Start simple, expand later. This is v0.1.0. We'll iterate based on eval results and community feedback.

Install all skills:


_10

npx skills add supabase/agent-skills


Or install a specific skill:


_10

npx skills add supabase/agent-skills --skill supabase

_10

npx skills add supabase/agent-skills --skill supabase-postgres-best-practices


Claude Code users can also install as a plugin:


_10

claude plugin marketplace add supabase/agent-skills


Found something the skill should cover? Open an issue on the repo. We read each one.