High-risk tools in Supabase MCP Server
4 of the 31 tools in Supabase MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
apply_migrationExecuteApplies a SQL migration to the database. SQL passed to this tool will be tracked within the database, so LLMs should use this for DDL operations (schema changes).
-
deploy_edge_functionExecuteDeploys a new Edge Function to a Supabase project. LLMs can use this to deploy new functions or update existing ones.
-
execute_sqlExecuteExecutes raw SQL in the database. LLMs should use this for regular queries that don't change the schema.
-
rebase_branchExecuteRebases development branch on production to handle migration drift.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.