{"id":"coleam00-supabase-mcp","name":"supabase-mcp","homepage":null,"repo_url":"https://github.com/coleam00/supabase-mcp","category":"databases","subcategories":[],"tags":["mcp","supabase","database","crud","python","docker","stdio-transport","ai-tools"],"what_it_does":"Provides an MCP (Model Context Protocol) server (Python, Docker) that exposes tools for CRUD operations on tables in a Supabase database using SUPABASE_URL and a SUPABASE_SERVICE_KEY.","use_cases":["AI assistants that need to read from Supabase tables with filters and pagination","Automation that inserts records into Supabase tables from natural-language/task flows","Updating existing Supabase rows based on filter criteria","Deleting records from Supabase based on filter criteria"],"not_for":["Public/anonymous or untrusted environments (service-role key usage is sensitive)","Unrestricted data access (no mention of row-level security enforcement within the MCP tool itself)","High-stakes operations without audit, validation, and least-privilege controls","Complex query requirements beyond basic filter/limit/offset patterns"],"best_when":"You control the Supabase project and table permissions (ideally via RLS) and you run the MCP server in a trusted environment where the service key can be protected.","avoid_when":"You cannot safely protect SUPABASE_SERVICE_KEY or you need strong guardrails against accidental/unsafe writes/deletes.","alternatives":["Use Supabase’s native REST/GraphQL APIs with your own application-layer validation","Expose a custom backend API (with least-privilege JWT/RLS) rather than service-role credentials directly","Use Supabase client libraries directly from the agent runtime (with strict policy/validation)","Build an MCP server wrapper around Supabase that enforces allowlists and validation"],"af_score":44.0,"security_score":45.5,"reliability_score":28.8,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:38:24.997777+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":["Python"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["SUPABASE_SERVICE_KEY via environment variable"],"oauth":false,"scopes":false,"notes":"Uses Supabase service role key passed via SUPABASE_SERVICE_KEY. README does not describe fine-grained scopes or OAuth flows; service-role implies elevated privileges."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information for the MCP server itself is provided in the README; costs would be driven by Supabase usage and hosting."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":44.0,"security_score":45.5,"reliability_score":28.8,"mcp_server_quality":65.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":45.0,"rate_limit_clarity":10.0,"tls_enforcement":90.0,"auth_strength":35.0,"scope_granularity":10.0,"dependency_hygiene":45.0,"secret_handling":50.0,"security_notes":"Uses SUPABASE_SERVICE_KEY (service role key), which is high privilege. README only shows passing it via env vars; it does not document least-privilege, row-level security handling, audit logging, or protections/validation around table/column access or unsafe writes/deletes. TLS is likely required by Supabase endpoints, but not stated in this README.","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":50.0,"error_recovery":25.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"limit/offset","retry_guidance_documented":false,"known_agent_gotchas":["Service-role key is powerful; an agent can potentially write/delete data if not constrained (no explicit guardrails/allowlists mentioned).","Filter semantics and supported operators are not specified in the README; agents may need schema awareness.","Pagination is via limit/offset, which may be less reliable under concurrent updates than cursor-based pagination.","No documented retry/idempotency behavior for create/update/delete operations."]}}