Daily Supabase security & performance check
Run Supabase's security and performance advisors every morning and get a digest of new issues.
Every weekday morning, run Supabase's advisors on my project and tell me about anything that needs attention — before it becomes an incident. Check both the security advisors and the performance advisors. Then report: - Security: anything flagged — tables without RLS, exposed views, function search-path issues, leaked keys — grouped by severity, each with the object it affects and the one-line fix. - Performance: unindexed foreign keys, unused indexes, slow-query hints, and similar, most impactful first. - A count at the top and a clear "nothing new since yesterday" if the list is clean. Keep it a tight, scannable list with the fix for each item — not raw output. Read only: don't change anything, just report.
Supabase advisors — myproject — 30 Jun 2026 3 security · 2 performance 🔴 Security • Table public.invoices has no RLS enabled → enable RLS + add policies • View public.user_emails exposes auth.users → restrict or drop • Function handle_new_user has a mutable search_path → set search_path = '' 🟡 Performance • FK orders.customer_id is unindexed → add index on customer_id • Index idx_old_sessions is unused (0 scans / 30d) → consider dropping Nothing else changed since yesterday.
Supabase's advisors already know what's risky about your database — missing row-level security, exposed views, unindexed foreign keys — but nobody checks them until something breaks. This routine runs them every morning and emails only what needs attention, each with its fix, so security and performance drift gets caught early.
How it works
- It uses Supabase to run the security and performance advisors on your project.
- One prioritized digest lands in your inbox each weekday, with the fix for each item.
- It's read-only — the routine reports advisories, it never changes your database.
Make it yours
- Focus it on security only, or only surface high-severity items.
- Scope it to one project, or run separate routines per project.
- Widen to weekly for a stable database, or add a step to open a ticket for each new finding.
Run “Daily Supabase security & performance check” on autopilot
Copy it to your account, tweak the details, and it runs weekdays at 8:00 am.
Use this routine →More Engineering templates
Every Friday, scan Cloudflare's developer docs for the Workers, Pages, and security features that matter to your setup — plus recent changelog posts — emailed as a prioritized digest.
Every Monday, check Context7 for the current documented version, API, and migration notes of the libraries your project depends on — emailed as a short upgrade to-do list.
Every Thursday, ask DeepWiki what's new in the public GitHub repos you depend on — releases, breaking changes, and migration notes — emailed as a prioritized summary.
Each weekday, triages new, stale, and needs-triage issues across the repos you pick — grouped, prioritized, with a suggested label and owner per issue.