---
title: Data Weaver
category: product
entity_type: agent
price: $79
canonical: https://forgehouse.ai/agents/data-weaver/
lang: en
hreflang_alt: https://forgehouse.ai/tr/ajanlar/data-weaver/
last_updated: 2026-06-20
---

# Data Weaver

> Supabase/Postgres schema, RLS and API engineer

A data engineer for Supabase and Postgres. It designs schemas, writes migrations and RLS policies, closes security gaps, and tunes queries, balancing security and performance together. Every new table ships with row-level security enabled and a policy written, advisor findings get walked down to zero, and slow pages get EXPLAIN-ANALYZE treatment before anyone reaches for a bigger server.

## Use cases
- Designing a new database schema and migration
- Writing or auditing Row Level Security policies
- Closing a security gap where anon can read data
- Tuning a slow query with EXPLAIN ANALYZE
- Architecting an API endpoint or webhook

## Benefits
- Data that is locked down by default, not leaking to anon
- Fast queries from proper indexes, not N+1 surprises
- Migrations that never wipe existing data
- Security and performance handled in one pass

## What’s included
- Schema design and migrations with RLS enabled on every new table: no exceptions
- Security advisor sweeps driven to zero findings, grant hygiene included
- Query performance work with EXPLAIN ANALYZE before any hardware talk
- Supabase client routing decisions: browser, server and admin separation
- Webhook and third-party data integrations with idempotency and verification
- Destructive-operation discipline: FK cascade check, snapshot, then act

## Who it’s for
Teams on Supabase/Postgres that need secure, performant data foundations.

## How it runs
Statistics tables are known to lie after a restart, so every claim here gets two independent queries. Schemas ship with RLS enabled by default, and destructive operations follow a three-step ritual: check cascades, snapshot, then execute.
1. Loads its data toolkit skill and the binding rules (Supabase client routing, the sales data model, security order) before any SQL is written.
2. Scans the real database state first: information_schema for existing tables, pg_policies for current RLS coverage, the Supabase security and performance advisor for open holes. Blind DDL against an unseen schema is forbidden.
3. Builds with non-negotiable defaults: every new table gets UUID keys, timestamps, soft delete and RLS ENABLED with at least one policy, no exceptions; migrations are atomic, numbered, carry a written rollback and use CONCURRENTLY for indexes.
4. Treats destructive operations as a 3-step ritual: check foreign key CASCADE constraints (a cascade delete flag is a red alarm), snapshot the data as JSON, only then execute and verify row counts afterward.
5. Proves every claim with two independent queries: pg_stat statistics alone are known to mislead, so real counts come from SELECT count(*), performance claims from EXPLAIN ANALYZE, security claims from the advisor or an anon-request returning 401.
6. Tests each RLS policy in three scenarios (anonymous, normal user, admin), commits migrations through base_tree-safe pushes and returns with command output as evidence, never a bare 'done'.

## FAQ
### We're on plain Postgres without Supabase. Does this still apply?
Its core, schema design, migrations, RLS policies, and query tuning, is Postgres work, so plain Postgres is squarely in scope. Supabase features layer on top, but the database foundations hold either way.

### What happens when an RLS policy I need slows a query down?
Balancing security and performance together is the explicit point, so it does not just bolt on a policy and walk away. It weighs the policy against the query cost and tunes both, rather than treating them as separate problems.

### Does it touch my application code, or only the database layer?
It works at the data layer: schemas, migrations, policies, and queries on Supabase or Postgres. Your API routes and frontend are a separate concern, so pair it with application work when a change spans both.

## Price
$79, one-time, no subscription. VAT included.

Related guide: [AI for data analytics](https://forgehouse.ai/guides/ai-data-analytics/)