top | item 44503416

(no title)

gregnr | 7 months ago

We're experimenting with a PostgREST MCP server that will take full advantage of table permissions and row level security policies. This will be useful if you strictly want to give LLMs access to data (not DDL). Since it piggybacks off of our existing auth infrastructure, it will allow you to apply the exact fine grain policies that you are comfortable with down to the row level.

discuss

jonplackett|7 months ago

This seems like a far better solution and uses all the things I already love about supabase.

Do you think it will be too limiting in any way? Is there a reason you didn’t just do this from the start as it seems kinda obvious?

gregnr|7 months ago

The limitation is that it is data-only (no DDL). A large percentage of folks use Supabase MCP for app development - they ask the LLM to help build their schema and other database objects at dev time, which is not possible through PostgREST (or designed for this use case). This is particularly true for AI app builders who connect their users to Supabase.