Row Level Security policy templates for Supabase - multi-tenant patterns, user isolation, role-based access, and secure-by-default configurations. Use when securing Supabase tables, implementing RLS policies, building multi-tenant AI apps, protecting user data, creating chat/RAG systems, or when user mentions row level security, RLS, Supabase security, tenant isolation, or data access policies.
View on GitHubFebruary 1, 2026
Select agents to install to:
npx add-skill https://github.com/vanman2024/ai-dev-marketplace/blob/main/plugins/supabase/skills/rls-templates/SKILL.md -a claude-code --skill rls-templatesInstallation paths:
.claude/skills/rls-templates/# RLS Templates Production-ready Row Level Security policy templates for Supabase applications, with focus on AI application patterns (multi-tenant chat, RAG systems, user-specific embeddings). ## Instructions ### 1. Applying RLS Policies **Apply policies to tables:** ```bash # Apply user isolation policies bash scripts/apply-rls-policies.sh user-isolation conversations messages # Apply multi-tenant policies bash scripts/apply-rls-policies.sh multi-tenant organizations org_members documents # Apply AI-specific policies bash scripts/apply-rls-policies.sh ai-chat conversations messages message_embeddings ``` **Generate custom policy:** ```bash # Generate policy from template bash scripts/generate-policy.sh user-isolation my_table user_id # Generate with custom column bash scripts/generate-policy.sh multi-tenant projects organization_id ``` ### 2. Testing RLS Enforcement **Test policies work correctly:** ```bash # Test all policies on a table bash scripts/test-rls-policies.sh conversations # Test specific user context bash scripts/test-rls-policies.sh messages --user-id "user-uuid-here" # Test multi-tenant isolation bash scripts/test-rls-policies.sh documents --org-id "org-uuid-here" ``` ### 3. Auditing Security **Audit tables for missing RLS:** ```bash # Audit all tables in public schema bash scripts/audit-rls.sh # Audit specific tables bash scripts/audit-rls.sh conversations messages embeddings # Generate audit report bash scripts/audit-rls.sh --report audit-report.md ``` ### 4. Policy Pattern Selection **Choose the right pattern:** - **user-isolation.sql**: User owns row directly (`user_id` column) - Use for: User profiles, settings, personal documents - Pattern: `auth.uid() = user_id` - **multi-tenant.sql**: Organization/team-based isolation - Use for: SaaS apps, team workspaces, shared resources - Pattern: Check organization membership via join - **role-based-access.sql**: Different permissions per role - Use for: Admin panels, hiera