
DB Migration Auditor
Catch the outage on paper: data loss, table locks, breaking renames, missing RLS — before the migration runs. Postgres/Supabase-aware.
v1.0.0 · ~675 tokens · ⬇ 8 · Updated July 6, 2026
What it does
Audits a migration/DDL before it runs: destructive-change blocks (drop/rename/no-WHERE/NOT NULL), lock & performance checks (CONCURRENTLY, batched backfills, NOT VALID), reversibility, deploy-order (additive-first), and Supabase RLS (a new table without RLS is world-readable). Assumes a large production table unless told otherwise.
Example uses
Audit a migration before production
A migration touches a large production table and you want the outage caught on paper first.
Audit this migration before I run it on production Postgres: it adds a NOT NULL column to a 40-million-row events table, backfills it in the same transaction, and creates an index without CONCURRENTLY. Tell me what locks, what breaks, and the additive-first plan that avoids downtime.Verify RLS on new table
A new Supabase table is about to ship and a missing RLS policy would expose it through the anon key.
Review this Supabase migration that creates a customer_documents table with a storage path column. Verify RLS is enabled with proper per-user policies — I need to be sure it isn't world-readable through the anon key before it ships.Plan a safe column rename
A rename will break live readers unless the deploy is sequenced correctly.
We need to rename orders.status to orders.fulfillment_status, but the API and two background workers still read the old name. Audit the rename and give me the deploy-order plan — what ships first, what backfills, and when the old column can actually go.Install
# 1. Create the skill folder in your Claude setup mkdir -p ~/.claude/skills/db-migration-auditor # 2. Download SKILL.md into it (or move the file you just downloaded) # → ~/.claude/skills/db-migration-auditor/SKILL.md # 3. Claude Code auto-discovers it on next launch.
Inside the skill
---
name: db-migration-auditor
description: Audit a database migration for danger BEFORE it runs — data loss, table locks, breaking changes. Use when writing/reviewing a schema migration, ALTER, or any DDL ("check this migration", "is this safe to run in prod", "review this schema change"). Postgres/Supabase-aware.
---
# DB Migration Auditor
A migration touches a live database with real data. Treat every DDL as guilty until
proven safe. This audits the SQL before it runs — catch the outage on paper, not in prod.
## Destructive-change checks (CRITICAL — block on any)
- `DROP TABLE` / `DROP COLUMN` — permanent data loss. Confirm the data is truly dead or
archived. Prefer a two-phase deprecation (stop writing → drop later).
- `ALTER COLUMN ... TYPE` — can rewrite the whole table + fail on incompatible data.
- `RENAME` (table/column) — breaks every reader still using the old name → coordinate with code deploy.
- `TRUNCATE`, `DELETE` without `WHERE`, `UPDATE` without `WHERE`.
- `NOT NULL` added to an existing column with no default → fails if any row is null; may lock.
## Lock / performance checks (HIGH on a large table)
- Postgres: adding a column with a **volatile default**, `ALTER TYPE`, or an index built
WITHOUT `CONCURRENTLY` takes an ACCESS EXCLUSIVE lock → writes blocked for the whole build.
→ use `CREATE INDEX CONCURRENTLY`, add-column-then-backfill-in-batches, `NOT VALID` +
`VALIDATE CONSTRAINT` for FKs/checks.
- Long-running backfill inside the migration transaction → holds locks; batch it outside.
## Correctness checks
- **Reversible?** Is there a matching down-migration, or is this one-way? Say so.
- **Idempotent?** `IF NOT EXISTS` / `IF EXISTS` so a re-run doesn't explode.
- **Order vs code**: does the app deploy expect this before or after? Additive-first
(add nullable col → deploy code → backfill → enforce) avoids downtime.
- **RLS (Supabase)**: new table has RLS enabled + policies? A new table without RLS is
world-readable via the anon key — a classic Supabase leak.
## Output
```
MIGRATION AUDIT — <file>
Verdict: SAFE | SAFE WITH CHANGES | DANGEROUS
CRITICAL: <data-loss / no-WHERE / etc.>
HIGH (locks): <blocking operations on large tables + the concurrent alternative>
Reversibility: <down-migration present? one-way?>
Deploy order: <additive-first plan if needed>
RLS: <enabled + policies? (Supabase)>
```
## Rules
- Assume the table is large and in production unless told otherwise. The safe path costs little; the outage costs a lot.
- Never approve an irreversible data-loss step without an explicit "yes, the data is gone on purpose".
- Treat SQL as code: parameterize, no string-built dynamic SQL in app-run migrations.
Changelog
- v1.0.02026-07-03Initial clean-room write.
Frequently asked questions
Is DB Migration Auditor free?
Yes. DB Migration Auditor is free to download and MIT-licensed.
Where do I install DB Migration Auditor?
Place the SKILL.md file in ~/.claude/skills/db-migration-auditor/ and Claude Code auto-discovers it on next launch.
How many tokens does DB Migration Auditor use?
About 675 tokens — it is designed to be token-lean.

We're developers and SaaS builders who use these tools daily in production. Every review comes from hands-on experience building real products — DealPropFirm, ThePlanetIndicator, PropFirmsCodes, and many more. We don't just review tools — we build and ship with them every day.
Written and tested by developers who build with these tools daily.