
journey-rls

The journey-rls skill installs Row-Level Security policies on user-owned tables as stage 3b of the Butterbase guided journey, executing after journey-schema. It reads the RLS section from 02-plan.md, delegates policy creation to debug-rls in proactive mode using manage_rls commands, verifies policies with a list action, and updates build logs and state tracking. Use this when current_stage is set to rls or invoke it directly, unless hackathon_mode is enabled, in which case it runs automatically within journey-schema.

Install in Claude Code
git clone --depth 1 https://github.com/butterbase-ai/butterbase-skills /tmp/journey-rls && cp -r /tmp/journey-rls/skills/journey-rls ~/.claude/skills/journey-rls
Then start a new Claude Code session; the skill loads automatically.

SKILL.md

# Journey: RLS

Stage 3b of the guided journey. Install Row-Level Security policies for user-owned tables.

## When to use

- Dispatched by `journey` when `current_stage: rls`.
- Directly via `/butterbase-skills:journey-rls`.
- Folded into `journey-schema` when `hackathon_mode: true` (do not run separately).

## Preflight

If `docs/butterbase/03-preflight.md` is missing, older than 24 hours, or `00-state.md` has `app_id: null`, invoke `butterbase-skills:journey-preflight` first. Wait for it to return successfully before proceeding.

## Inputs

- `docs/butterbase/02-plan.md` — the RLS section.
- `docs/butterbase/00-state.md` — for `app_id`.

## Procedure

0. **Refresh docs.** Call `butterbase_docs` with `topic: "auth"`. For RLS-specific patterns, also WebFetch `https://docs.butterbase.ai/auth/rls`. Skip if cache is fresh.

1. Read the RLS section of `02-plan.md`. Print it back: `"About to install RLS policies: <list>. Proceed?"`. Wait for `yes`.
2. Invoke `butterbase-skills:debug-rls` via the Skill tool with mode `proactive`, passing the RLS plan and `app_id`. For each user-isolation entry, the wrapped skill calls `manage_rls action: create_user_isolation`. For custom policies, it calls `manage_rls action: enable`, then `action: create_policy`.
3. After it returns, sanity-check with `manage_rls action: list` and show the user.
4. Append one line to `docs/butterbase/04-build-log.md`:
   `<ISO timestamp>  rls  manage_rls  ok`
5. Tick `- [x] rls` in `00-state.md`, set `current_stage:` to the next unchecked stage, bump `last_updated`.
6. Return to `journey` orchestrator (or ask `"Continue to the next stage? (yes/no)"`).

## Outputs

- Live RLS policies in the Butterbase app.
- One line in `04-build-log.md`.

## Anti-patterns

- ❌ Skipping `manage_rls action: list` verification — invisible policy failures are the #1 RLS gotcha.
- ❌ Creating policies on a table where RLS is not enabled — `enable` must come first.
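
Both anti-patterns above, shown at the database level as an added example (not part of the skill or of Butterbase's own code). It assumes the app's tables live in PostgreSQL, which this page does not state; the table `notes`, the column `user_id` and the setting `app.user_id` are hypothetical, and what `manage_rls` runs internally is not shown here.

```sql
-- Constructed sample table; all names are hypothetical.
CREATE TABLE notes (
    id      bigserial PRIMARY KEY,
    user_id text NOT NULL,
    body    text NOT NULL
);

-- Anti-pattern: a policy is created while RLS is still disabled on the table.
-- PostgreSQL accepts the statement without error, but the policy is not
-- applied to any query until RLS is enabled.
CREATE POLICY notes_owner ON notes
    USING      (user_id = current_setting('app.user_id', true))
    WITH CHECK (user_id = current_setting('app.user_id', true));

-- Verification (the database-level counterpart of a "list" step):
-- show each table's RLS flags next to the number of policies attached to it.
SELECT c.relname             AS table_name,
       c.relrowsecurity      AS rls_enabled,
       c.relforcerowsecurity AS rls_forced,
       count(p.policyname)   AS policy_count
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
LEFT JOIN pg_policies p
       ON p.schemaname = n.nspname
      AND p.tablename  = c.relname
WHERE n.nspname = 'public'
  AND c.relkind = 'r'
GROUP BY c.relname, c.relrowsecurity, c.relforcerowsecurity
ORDER BY c.relname;
-- Flag any row where rls_enabled is false and policy_count is above zero:
-- policies exist but nothing enforces them. Also flag user-owned tables
-- that are missing from the planned list or have no policy at all.

-- Correct order: enable RLS on the table, then rely on the policy.
ALTER TABLE notes ENABLE ROW LEVEL SECURITY;
-- The table owner bypasses RLS unless it is forced as well.
ALTER TABLE notes FORCE ROW LEVEL SECURITY;
```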