Does it support PostgreSQL views?

Yes, it specifically checks for view bypass vulnerabilities and ensures views use the 'security_invoker = true' property to respect caller permissions.

How does it handle connection pooling?

It enforces the use of 'SET LOCAL' within transactions to prevent tenant context leakage between pooled connections in high-traffic applications.

When does the postgres-rls skill trigger?

It activates whenever you modify database migrations, authentication tables, or files containing multi-tenant architecture logic like tenant IDs and RLS policy definitions.

Can it help with RLS performance issues?

Absolutely. The skill provides specific patterns for indexing policy columns and wrapping functions in subqueries to prevent per-row performance degradation.

Why is 'FORCE ROW LEVEL SECURITY' necessary?

By default, table owners bypass RLS. This skill ensures both ENABLE and FORCE statements are used to prevent data leaks even when accessed by owners.

PostgreSQL Row Level Security (RLS)

Name: PostgreSQL Row Level Security (RLS)
Author: troykelly

bytroykelly

•

数据库管理

Enforces robust multi-tenant data isolation by auditing PostgreSQL Row Level Security policies and preventing common bypass vulnerabilities.

This skill provides an opinionated framework for implementing and auditing PostgreSQL Row Level Security (RLS) to ensure bulletproof data isolation in multi-tenant applications. It automatically identifies security gaps such as superuser bypasses, table owner leaks, and view vulnerabilities while providing high-performance patterns for policy functions and transaction-scoped contexts. It acts as a mandatory guardrail whenever Claude touches authentication tables, tenant isolation logic, or database migration scripts, ensuring that your last line of defense against data breaches is correctly configured.

主要功能

01Detection of critical bypass vulnerabilities including Superuser, Owner, and View leaks

022 GitHub stars

03Validation of USING and WITH CHECK clauses for complete read/write protection

04Performance optimization guidance for policy functions, indexing, and subquery wrapping

05Automated generation of RLS implementation artifacts for security audit trails

06Standardized migration patterns for safe RLS deployment on large, existing tables

使用场景

01Securing multi-tenant SaaS applications with strict data isolation requirements

02Auditing database migrations for security footguns before production deployment

03Optimizing slow RLS policies for high-performance production database workloads

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add troykelly/claude-skills postgres-rls

For use in Claude.ai and ChatGPT

Download Skill