Here’s how it works end to end: you sign in (Google, GitHub, or email), click Connect Supabase, approve access, choose your active project, and hit Start Analysis. We establish a secure connection and request minimal scopes—mostly Read, with SQL Read/Write only because Supabase MCP requires it—then operate read‑first. We pull the Swagger-style JSON schema Supabase exposes, index tables/relations, and generate a human-readable understanding we reuse as context. During onboarding we preview your “Report Card” by checking RLS coverage, indexes, logs, and performance patterns. MCP lets our analyst agents run vetted SQL and compose reports, while your existing RLS and project scoping stay in force. When you want to enrich insights, we bring in external systems via REST APIs and remote MCP servers—always keeping Supabase as the source of truth. Net result: fast, project-scoped analytics you can validate directly in Supabase, no data detours, no mystery permissions.