This feels misleading. MCP servers for supabase should be used as a dev tool, not as a production gateway to real data. Are people really building MCPs for this purpose?
Yes it's dev tool but when dev asks for data from DB through MCP it's accidentally running a sql injected by the attacker and reveals information to them.