💧 Supabase MCP can leak your entire SQL database
「 The cursor assistant operates the Supabase database with elevated access via the service_role, which bypasses all row-level security (RLS) protections. At the same time, it reads customer-submitted messages as part of its input. If one of those messages contains carefully crafted instructions, the assistant may interpret them as commands and execute SQL unintentionally 」
https://simonwillison.net/2025/Jul/6/supabase-mcp-lethal-trifecta/