Low
github · 104 files analyzed
supabase-community/supabase-mcp
Minor capabilities, nothing alarming.
Outbound network: 3
Environment variables (config / keys): 2
AI review
This is an official Supabase MCP server extension with no hidden instructions, prompt injection, or data exfiltration mechanisms. The network calls and environment variable access are all legitimate for the stated purpose of connecting AI assistants to Supabase projects.
- low Legitimate network calls to Supabase API — The fetch() calls in release.yml, server.ts, and graphql.ts are all expected network operations for a Supabase integration tool. They connect to the Supabase API and MCP registry as documented.
- low Environment variable access for authentication — SUPABASE_ACCESS_TOKEN is read from environment variables, which is the standard and documented way to authenticate with Supabase. No exfiltration or unexpected transmission of this token was found.
Model: deepseek-chat
Static findings
Outbound network · Makes outbound network requests
- info · .github/workflows/release.yml:159
  fetch(url)
- low · packages/mcp-server-postgrest/src/server.ts:55
  const response = await fetch(ensureTrailingSlash(apiUrl), {
- low · packages/mcp-server-supabase/src/content-api/graphql.ts:164
  const response = await fetch(url, {
Environment variables (config / keys) · Reads environment variables (config / API keys)
- low · packages/mcp-server-supabase/src/transports/stdio.ts:51
  const accessToken = cliAccessToken ?? process.env.SUPABASE_ACCESS_TOKEN;
- low · packages/mcp-server-supabase/vitest.setup.ts:5
  if (!process.env.CI) {
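The findings above establish two facts a reviewer cares about: the server process holds SUPABASE_ACCESS_TOKEN (stdio.ts:51), and it has three fetch() call sites. The AI review concludes the token is only ever sent to Supabase, but that conclusion rests on reading the code as it is today. A check that does not depend on the grade is to confine the process's egress at runtime, so the token cannot leave for any host you did not name even if a future version (or a compromised dependency) adds a fourth fetch(). The guard below is an added example written for this page, not MCPVet's or the supabase-mcp project's code; the allowlisted hostname is an assumption for illustration, and you would fill in whatever hosts the documented API and registry calls actually use.

```javascript
// Added example (not from the scan report or the project): a runtime egress
// guard for a process that holds a bearer token. It wraps fetch so that a
// request can only reach an allowlisted host; everything else is refused
// before any connection is opened. Hosts below are an assumption.
const DEFAULT_ALLOWED_HOSTS = ["api.supabase.com"];

// Exact hostname match, or "*.example.com" for subdomains only. The leading
// dot in the suffix check stops "evilexample.com" matching "*.example.com".
function hostAllowed(hostname, allowedHosts) {
  const h = hostname.toLowerCase();
  return allowedHosts.some((entry) => {
    const a = entry.toLowerCase();
    if (a.startsWith("*.")) return h.endsWith(a.slice(1));
    return h === a;
  });
}

// Decide whether a request URL may leave the process. Returns a verdict
// object rather than a boolean so the reason can be logged without the URL
// itself (query strings and paths may carry secrets).
function checkEgress(urlString, allowedHosts = DEFAULT_ALLOWED_HOSTS) {
  let url;
  try {
    url = new URL(urlString);
  } catch {
    return { allowed: false, host: null, reason: "unparseable url" };
  }
  if (url.protocol !== "https:") {
    return { allowed: false, host: url.hostname, reason: `scheme ${url.protocol} is not https:` };
  }
  if (url.username || url.password) {
    // user:pass@host is a classic way to smuggle a credential into a URL.
    return { allowed: false, host: url.hostname, reason: "credentials embedded in url" };
  }
  if (!hostAllowed(url.hostname, allowedHosts)) {
    return { allowed: false, host: url.hostname, reason: "host not in allowlist" };
  }
  return { allowed: true, host: url.hostname, reason: "ok" };
}

// Build a fetch replacement. The check runs synchronously and throws before
// realFetch is ever called, so a blocked request is never started. `log`
// receives only host, verdict and reason, never the full URL or headers.
function makeGuardedFetch(allowedHosts = DEFAULT_ALLOWED_HOSTS, realFetch = globalThis.fetch, log = () => {}) {
  return function guardedFetch(input, init) {
    const urlString =
      typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
    const verdict = checkEgress(urlString, allowedHosts);
    log({ host: verdict.host, allowed: verdict.allowed, reason: verdict.reason });
    if (!verdict.allowed) {
      throw new Error(`egress blocked: ${verdict.host ?? "?"} (${verdict.reason})`);
    }
    return realFetch(input, init);
  };
}

// Install the guard process-wide before the MCP server module is loaded, so
// every fetch() in it (and in its dependencies) goes through the check.
function installEgressGuard(allowedHosts = DEFAULT_ALLOWED_HOSTS, log = console.error) {
  globalThis.fetch = makeGuardedFetch(allowedHosts, globalThis.fetch, log);
}
```

Call installEgressGuard() from a small launcher script that then imports the server's entry point; anything the server does with the token afterwards is limited to the hosts you listed, and a blocked attempt shows up in the log with its hostname and reason. The wildcard form matches subdomains only, so "*.supabase.co" does not admit the bare "supabase.co" or a lookalike such as "evilsupabase.co".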
MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.