{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"npm_npm-supabasemcp-server-supabase","slug":"npm-supabasemcp-server-supabase","name":"@supabase/mcp-server-supabase","type":"mcp","url":"https://www.npmjs.com/package/@supabase/mcp-server-supabase","page_url":"https://unfragile.ai/npm-supabasemcp-server-supabase","categories":["mcp-servers"],"tags":[],"pricing":{"model":"open_source","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"npm_npm-supabasemcp-server-supabase__cap_0","uri":"capability://tool.use.integration.postgresql.table.crud.operations.via.mcp.protocol","name":"postgresql table crud operations via mcp protocol","description":"Exposes Supabase PostgreSQL tables as MCP resources with standardized read, create, update, and delete operations. Implements a schema-aware abstraction layer that translates MCP tool calls into parameterized SQL queries, handling type coercion and constraint validation at the protocol boundary. Uses Supabase's JavaScript client library to maintain connection pooling and authentication state.","intents":["I want to query and modify database records from an AI agent without writing raw SQL","I need to expose my Supabase schema to Claude or other MCP-compatible clients for autonomous data operations","I want type-safe database mutations through a standardized protocol instead of direct SQL injection"],"best_for":["AI agent developers building autonomous workflows against Supabase backends","Teams integrating Supabase with Claude via MCP for data-driven decision making","Developers wanting to sandbox database access through protocol-level constraints"],"limitations":["No built-in query optimization — complex joins or aggregations may require custom SQL tools","Row-level security (RLS) policies are enforced at the Supabase level but not explicitly surfaced in capability descriptions","Batch operations are sequential, not bulk-optimized — each mutation is a separate transaction","No support for stored procedures or custom functions through the standard CRUD interface"],"requires":["Supabase project with PostgreSQL database","Valid Supabase API key (service role or anon key with appropriate RLS policies)","Node.js 18+ runtime","MCP-compatible client (Claude, or custom MCP host)"],"input_types":["JSON objects matching table schema","Filter/where clause objects","Column selection arrays"],"output_types":["JSON rows from tables","Operation status (success/error)","Row counts for mutations"],"categories":["tool-use-integration","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-supabasemcp-server-supabase__cap_1","uri":"capability://tool.use.integration.real.time.database.change.subscriptions.via.mcp.resources","name":"real-time database change subscriptions via mcp resources","description":"Exposes Supabase Realtime subscriptions as MCP resources, allowing MCP clients to subscribe to PostgreSQL table changes (INSERT, UPDATE, DELETE) and receive streaming notifications. Implements WebSocket connection management through Supabase's Realtime client, translating change events into MCP resource updates that clients can poll or stream.","intents":["I want an AI agent to react to database changes in real-time without polling","I need to stream live data updates from Supabase to a Claude session for context-aware responses","I want to trigger agent workflows when specific database mutations occur"],"best_for":["Real-time AI agents that need to respond to live data changes","Collaborative applications where multiple agents need synchronized state","Event-driven workflows triggered by database mutations"],"limitations":["Realtime subscriptions require Supabase Realtime service to be enabled and configured","WebSocket connections are stateful — reconnection logic must handle network interruptions","Change events include only the delta, not full row context — requires additional queries for full record state","Subscription filters are limited to table and schema level; column-level filtering requires client-side processing"],"requires":["Supabase Realtime service enabled on the project","Supabase API key with Realtime permissions","MCP client with resource subscription support","Network connectivity for WebSocket (not available in restricted environments)"],"input_types":["Table name and schema","Event filter (INSERT, UPDATE, DELETE)","Optional row-level filters"],"output_types":["Change event objects with operation type and affected rows","Streaming notifications","Connection status updates"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-supabasemcp-server-supabase__cap_2","uri":"capability://safety.moderation.authentication.and.authorization.context.propagation","name":"authentication and authorization context propagation","description":"Manages Supabase authentication tokens and row-level security (RLS) context within MCP tool execution. Implements token refresh logic and passes user identity through to PostgreSQL via Supabase's JWT claims, ensuring database operations respect RLS policies defined at the table/row level. Handles both service-role (unrestricted) and user-scoped (RLS-enforced) authentication modes.","intents":["I want database operations to respect my Supabase RLS policies when executed by an AI agent","I need to execute queries as a specific user identity, not as a service account","I want to ensure an agent cannot access rows it shouldn't, even if it tries to query them"],"best_for":["Multi-tenant applications where agents must respect user isolation","Security-sensitive workflows where RLS enforcement is non-negotiable","Teams using Supabase's built-in authorization model"],"limitations":["RLS policies are evaluated at the database level — agent cannot see policy definitions to reason about access","Token refresh requires valid refresh token; expired sessions will fail without re-authentication","Service-role mode bypasses RLS entirely — must be used carefully and only for trusted operations","JWT claims are immutable during a session — cannot change user context mid-execution without re-authentication"],"requires":["Supabase project with RLS policies defined on tables","Valid user session token or service role key","Supabase JWT configuration (default or custom claims)","MCP client capable of passing auth context"],"input_types":["User JWT token or API key","User ID or custom claims","Authentication mode flag (user vs service-role)"],"output_types":["Authenticated request context","RLS-filtered query results","Authorization error messages"],"categories":["safety-moderation","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-supabasemcp-server-supabase__cap_3","uri":"capability://tool.use.integration.supabase.storage.file.operations.upload.download.delete","name":"supabase storage file operations (upload, download, delete)","description":"Exposes Supabase Storage buckets as MCP resources with file management capabilities. Implements multipart upload handling for large files, signed URL generation for secure access, and metadata tracking. Uses Supabase's Storage API client to abstract S3-compatible operations, handling bucket policies and public/private access control.","intents":["I want an AI agent to upload files to Supabase Storage without exposing storage keys","I need to generate signed URLs for temporary file access from an agent workflow","I want to manage file metadata and access control through MCP tools"],"best_for":["Agents that need to persist generated content (documents, images, logs) to cloud storage","Multi-user applications where file access must be controlled per user","Workflows that generate and share files with expiring access windows"],"limitations":["File size limits depend on Supabase Storage tier — no built-in chunking for very large files","Signed URLs have fixed expiry times — cannot be extended after generation","No built-in virus scanning or content validation — must be implemented separately","Bucket policies are static — cannot be modified through MCP tools, only enforced"],"requires":["Supabase Storage bucket created and configured","Supabase API key with Storage permissions","File size within Storage tier limits (typically 5GB per file)","Network connectivity for file upload/download"],"input_types":["File binary data or stream","File path and bucket name","Metadata (content-type, cache-control)","Access control flags (public/private)"],"output_types":["File URL or signed URL","Upload/download status","File metadata (size, created_at, updated_at)"],"categories":["tool-use-integration","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-supabasemcp-server-supabase__cap_4","uri":"capability://memory.knowledge.vector.similarity.search.via.pgvector.integration","name":"vector similarity search via pgvector integration","description":"Exposes Supabase's pgvector extension as MCP tools for semantic search and similarity queries. Implements vector embedding storage in PostgreSQL and provides cosine/L2 distance-based search through MCP tool calls. Integrates with embedding providers (OpenAI, Hugging Face) or accepts pre-computed embeddings, storing them in vector columns and querying via SQL operators.","intents":["I want an AI agent to search my knowledge base using semantic similarity, not keyword matching","I need to find similar documents or records based on embedding distance","I want to build a RAG system where the agent can retrieve relevant context from a vector index"],"best_for":["RAG (Retrieval-Augmented Generation) systems where agents need semantic search","Knowledge base applications with similarity-based retrieval","Recommendation systems that rank items by embedding distance"],"limitations":["pgvector queries require pre-computed embeddings — no on-the-fly embedding generation within the query","Vector dimension must be fixed at table creation time — cannot change embedding model without schema migration","Large vector indexes (millions of rows) may require HNSW indexing for performance, adding complexity","Similarity thresholds are arbitrary — no built-in semantic understanding of what 'similar' means for a domain"],"requires":["Supabase PostgreSQL database with pgvector extension enabled","Vector columns created in target tables with fixed dimensions","Pre-computed embeddings (from OpenAI, Hugging Face, or custom model)","Embedding dimension matching the model used (e.g., 1536 for OpenAI text-embedding-3-small)"],"input_types":["Query vector (array of floats)","Similarity metric (cosine, L2, inner product)","Result limit and threshold","Optional metadata filters"],"output_types":["Ranked list of similar records with distance scores","Metadata and content of matched rows","Similarity scores (0-1 for cosine)"],"categories":["memory-knowledge","search-retrieval"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-supabasemcp-server-supabase__cap_5","uri":"capability://tool.use.integration.edge.function.invocation.and.result.streaming","name":"edge function invocation and result streaming","description":"Exposes Supabase Edge Functions as MCP tools, allowing agents to invoke serverless functions deployed on Supabase's edge network. Implements HTTP request/response translation through the MCP protocol, handling function authentication, timeout management, and streaming responses. Supports both synchronous calls and long-running operations with status polling.","intents":["I want an agent to trigger custom business logic without embedding it in the agent itself","I need to invoke serverless functions that run close to users (edge computing)","I want to extend agent capabilities with custom code deployed separately from the MCP server"],"best_for":["Teams with custom business logic deployed as Edge Functions","Workflows requiring low-latency execution (geographically distributed)","Agents that need to call external services through a Supabase-hosted proxy"],"limitations":["Edge Function execution time is limited (typically 60-120 seconds) — long-running tasks must be async","Cold starts add 100-500ms latency on first invocation — not suitable for latency-critical operations","Function authentication requires valid Supabase API key — cannot be called anonymously without explicit configuration","Response size limits apply (typically 6MB) — streaming large payloads requires chunking"],"requires":["Supabase Edge Functions deployed in the project","Valid Supabase API key with Edge Function invocation permissions","Function endpoint URL and authentication method","Network connectivity to Supabase edge network"],"input_types":["Function name or URL","Request body (JSON or binary)","HTTP method and headers","Timeout configuration"],"output_types":["Function response body (JSON, text, or binary)","HTTP status code","Response headers","Execution time metadata"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-supabasemcp-server-supabase__cap_6","uri":"capability://memory.knowledge.schema.introspection.and.capability.discovery","name":"schema introspection and capability discovery","description":"Automatically discovers Supabase database schema (tables, columns, types, relationships) and exposes them as MCP resource definitions. Implements schema caching with optional refresh, generating tool descriptions and parameter schemas dynamically from PostgreSQL information_schema. Enables agents to understand available data structures without hardcoded tool definitions.","intents":["I want an agent to understand my database schema without manual configuration","I need to dynamically generate MCP tools based on my current database structure","I want schema changes to automatically propagate to agent capabilities"],"best_for":["Rapidly evolving schemas where manual tool definition is impractical","Multi-tenant systems with per-tenant schema variations","Teams wanting agents to adapt to schema changes without redeployment"],"limitations":["Schema introspection adds startup latency (typically 500ms-2s depending on schema size)","Complex types (custom PostgreSQL types, arrays) may not map cleanly to MCP parameter schemas","Schema caching can become stale if tables are modified outside the MCP server","No support for schema-level documentation — tool descriptions are generated from column names and types alone"],"requires":["Supabase API key with schema introspection permissions","PostgreSQL database with accessible information_schema","MCP client capable of dynamic tool discovery"],"input_types":["Schema refresh trigger","Optional schema filter (specific tables or schemas)"],"output_types":["MCP tool definitions with parameter schemas","Table and column metadata","Relationship information (foreign keys)"],"categories":["memory-knowledge","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-supabasemcp-server-supabase__cap_7","uri":"capability://automation.workflow.transaction.management.and.multi.step.operations","name":"transaction management and multi-step operations","description":"Provides MCP tools for managing PostgreSQL transactions, allowing agents to group multiple database operations into atomic units. Implements transaction lifecycle management (BEGIN, COMMIT, ROLLBACK) through MCP calls, with support for savepoints and isolation level configuration. Ensures consistency for complex workflows that require all-or-nothing semantics.","intents":["I want an agent to execute multiple database operations atomically, rolling back if any step fails","I need to ensure data consistency when an agent modifies related records across tables","I want to implement complex workflows with savepoints for partial rollback"],"best_for":["Financial or transactional workflows where consistency is critical","Multi-step agent operations that must succeed or fail together","Systems requiring audit trails of atomic changes"],"limitations":["Long-running transactions hold locks, potentially blocking other operations — agents must minimize transaction duration","Nested transactions require savepoint management — complex for agents to reason about","Isolation level configuration is static per transaction — cannot change mid-transaction","Deadlocks are possible with concurrent transactions — agents have no built-in deadlock detection or retry logic"],"requires":["Supabase PostgreSQL database","Supabase API key with transaction permissions","MCP client capable of stateful transaction management"],"input_types":["Transaction control commands (BEGIN, COMMIT, ROLLBACK, SAVEPOINT)","Isolation level (READ UNCOMMITTED, READ COMMITTED, REPEATABLE READ, SERIALIZABLE)","Optional savepoint name"],"output_types":["Transaction status (active, committed, rolled back)","Error messages on transaction failure","Savepoint confirmation"],"categories":["automation-workflow","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":40,"verified":false,"data_access_risk":"high","permissions":["Supabase project with PostgreSQL database","Valid Supabase API key (service role or anon key with appropriate RLS policies)","Node.js 18+ runtime","MCP-compatible client (Claude, or custom MCP host)","Supabase Realtime service enabled on the project","Supabase API key with Realtime permissions","MCP client with resource subscription support","Network connectivity for WebSocket (not available in restricted environments)","Supabase project with RLS policies defined on tables","Valid user session token or service role key"],"failure_modes":["No built-in query optimization — complex joins or aggregations may require custom SQL tools","Row-level security (RLS) policies are enforced at the Supabase level but not explicitly surfaced in capability descriptions","Batch operations are sequential, not bulk-optimized — each mutation is a separate transaction","No support for stored procedures or custom functions through the standard CRUD interface","Realtime subscriptions require Supabase Realtime service to be enabled and configured","WebSocket connections are stateful — reconnection logic must handle network interruptions","Change events include only the delta, not full row context — requires additional queries for full record state","Subscription filters are limited to table and schema level; column-level filtering requires client-side processing","RLS policies are evaluated at the database level — agent cannot see policy definitions to reason about access","Token refresh requires valid refresh token; expired sessions will fail without re-authentication","builder identity is not verified yet","no observed match outcomes yet"],"rank_breakdown":{"adoption":0.6704820443471833,"quality":0.26,"ecosystem":0.3,"match_graph":0.25,"freshness":0.52,"weights":{"adoption":0.25,"quality":0.25,"ecosystem":0.15,"match_graph":0.23,"freshness":0.12}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-05-24T12:16:24.482Z","last_scraped_at":"2026-05-03T14:23:32.720Z","last_commit":null},"community":{"stars":null,"forks":null,"weekly_downloads":112559,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=npm-supabasemcp-server-supabase","compare_url":"https://unfragile.ai/compare?artifact=npm-supabasemcp-server-supabase"}},"signature":"hSnN7T54Np3WlUKoee3J8wpYZcyvAfltlD2OHx1SZ92cakyenMsXz43WbcSuGF+YO4K5utIGju9OO5urwLcJCw==","signedAt":"2026-06-21T01:41:13.037Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/npm-supabasemcp-server-supabase","artifact":"https://unfragile.ai/npm-supabasemcp-server-supabase","verify":"https://unfragile.ai/api/v1/verify?slug=npm-supabasemcp-server-supabase","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}