// MCP TOOL REFERENCE

SUPABASE TOOLS

29 tools from the Supabase MCP Server, categorised by risk level.

View the Supabase policy → Token cost: 2,561 tokens →
// ALL 29 SUPABASE TOOLS
READ 17 tools
Read get_advisors Gets a list of advisory notices for the Supabase project. Use this to check for security vulnerabilities or... Read get_cost Gets the cost of creating a new project or branch. Never assume organization as costs can be different for ... Read get_edge_function Retrieves file contents for an Edge Function in a Supabase project. Read get_logs Gets logs for a Supabase project by service type. Use this to help debug problems with your app. This will ... Read get_organization Gets details for an organization. Includes subscription plan. Read get_project Gets details for a Supabase project. Read get_project_url Gets the API URL for a project. Read get_publishable_keys Gets all publishable API keys for a project, including legacy anon keys (JWT-based) and modern publishable ... Read list_branches Lists all development branches of a Supabase project. This will return branch details including status whic... Read list_edge_functions Lists all Edge Functions in a Supabase project. Read list_extensions Lists all extensions in the database. Read list_migrations Lists all migrations in the database. Read list_organizations Lists all organizations that the user is a member of. Read list_projects Lists all Supabase projects for the user. Use this to help discover the project ID of the project that the ... Read list_tables Lists all tables in one or more schemas. Read search_docs Search the Supabase documentation using GraphQL. Must be a valid GraphQL query. You should default to calli... Read generate_typescript_types Generates TypeScript types for a project.
WRITE 3 tools
Write create_branch Creates a development branch on a Supabase project. This will apply all migrations from the main project to... Write create_project Creates a new Supabase project. Always ask the user which organization to create the project in. The projec... Write restore_project Restores a Supabase project.
DESTRUCTIVE 3 tools
Destructive delete_branch Deletes a development branch. Destructive reset_branch Resets migrations of a development branch. Any untracked data or schema changes will be lost. Destructive pause_project Pauses a Supabase project.
EXECUTE 5 tools
Execute deploy_edge_function Deploys an Edge Function to a Supabase project. If the function already exists, this will create a new vers... Execute execute_sql Executes raw SQL in the Postgres database. Use `apply_migration` instead for DDL operations. This may retur... Execute rebase_branch Rebases a development branch on production. This will effectively run any newer migrations from production ... Execute apply_migration Applies a migration to the database. Use this when executing DDL operations. Do not hardcode references to ... Execute merge_branch Merges migrations and edge functions from a development branch to production.
FINANCIAL 1 tools
Financial confirm_cost Ask the user to confirm their understanding of the cost of creating a new project or branch. Call `get_cost...
// RUNNING THIS SERVER

The managed route: connect Supabase through the PolicyLayer gateway — every tool call above is checked against your policy before it runs, with a full audit log.

DIRECT INSTALL (UNMANAGED) npx -y @modelcontextprotocol/server-supabase

Route Supabase through PolicyLayer and every one of its 29 tools is checked against your policy before it runs.

CHECK YOUR STACK →

See every tool, the dangerous ones, and the token cost across your stack.

// FAQ
How many tools does the Supabase MCP server have? +

The Supabase MCP server exposes 29 tools across 5 categories: Read, Write, Destructive, Execute, Financial.

How do I enforce policies on Supabase tools? +

Route the Supabase server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do Supabase tools fall into? +

Supabase tools are categorised as Read (17), Write (3), Destructive (3), Execute (5), Financial (1). Each category has a recommended default policy.

Enforce policy on every Supabase tool call.

Start from Supabase, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.