← Back to Skills Marketplace
tonychang04

Insforge

by Tony Chang · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ✓ Security Clean
237
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install insforge
Description
Use this skill whenever writing frontend code that talks to a backend for database queries, authentication, file uploads, AI features, real-time messaging, o...
README (SKILL.md)

InsForge SDK Skill

This skill covers client-side SDK integration using @insforge/sdk. For backend infrastructure operations (creating tables, inspecting schema, deploying functions, secrets, managing storage buckets, website deployments, cron job and schedules, logs, etc.), use the insforge-cli skill.

Quick Setup

npm install @insforge/sdk@latest

import { createClient } from '@insforge/sdk'

const insforge = createClient({
  baseUrl: 'https://your-project.region.insforge.app',
  anonKey: 'your-anon-key'
})

Module Reference

Module SDK Integration
Database database/sdk-integration.md
Auth auth/sdk-integration.md
Storage storage/sdk-integration.md
Functions functions/sdk-integration.md
AI ai/sdk-integration.md
Real-time realtime/sdk-integration.md

What Each Module Covers

Module Content
Database CRUD operations, filters, pagination, RPC calls
Auth Sign up/in, OAuth, sessions, profiles, password reset
Storage Upload, download, delete files
Functions Invoke edge functions
AI Chat completions, image generation, embeddings
Real-time Connect, subscribe, publish events

Guides

Guide When to Use
database/postgres-rls.md Writing or reviewing RLS policies — covers infinite recursion prevention, SECURITY DEFINER patterns, performance tips, and common InsForge RLS patterns

Real-time Configuration

For real-time channels and database triggers, use insforge db query with SQL to create triggers that publish to channels. The real-time SDK is for frontend event handling and messaging, not backend configuration.

Create Database Triggers

Automatically publish events when database records change.

-- Create trigger function
CREATE OR REPLACE FUNCTION notify_order_changes()
RETURNS TRIGGER AS $$
BEGIN
  PERFORM realtime.publish(
    'order:' || NEW.id::text,    -- channel
    TG_OP || '_order',           -- event: INSERT_order, UPDATE_order
    jsonb_build_object(
      'id', NEW.id,
      'status', NEW.status,
      'total', NEW.total
    )
  );
  RETURN NEW;
END;
$$ LANGUAGE plpgsql SECURITY DEFINER;

-- Attach to table
CREATE TRIGGER order_realtime
  AFTER INSERT OR UPDATE ON orders
  FOR EACH ROW
  EXECUTE FUNCTION notify_order_changes();

Conditional Trigger (Status Changes Only)

CREATE OR REPLACE FUNCTION notify_order_status()
RETURNS TRIGGER AS $$
BEGIN
  PERFORM realtime.publish(
    'order:' || NEW.id::text,
    'status_changed',
    jsonb_build_object('id', NEW.id, 'status', NEW.status)
  );
  RETURN NEW;
END;
$$ LANGUAGE plpgsql SECURITY DEFINER;

CREATE TRIGGER order_status_trigger
  AFTER UPDATE ON orders
  FOR EACH ROW
  WHEN (OLD.status IS DISTINCT FROM NEW.status)
  EXECUTE FUNCTION notify_order_status();

Access Control (RLS)

RLS is disabled by default. To restrict channel access:

  • Enable RLS
ALTER TABLE realtime.channels ENABLE ROW LEVEL SECURITY;
ALTER TABLE realtime.messages ENABLE ROW LEVEL SECURITY;
  • Restrict Subscribe (SELECT on channels)
CREATE POLICY "users_subscribe_own_orders"
ON realtime.channels FOR SELECT
TO authenticated
USING (
  pattern = 'order:%'
  AND EXISTS (
    SELECT 1 FROM orders
    WHERE id = NULLIF(split_part(realtime.channel_name(), ':', 2), '')::uuid
      AND user_id = auth.uid()
  )
);
  • Restrict Publish (INSERT on messages)
CREATE POLICY "members_publish_chat"
ON realtime.messages FOR INSERT
TO authenticated
WITH CHECK (
  channel_name LIKE 'chat:%'
  AND EXISTS (
    SELECT 1 FROM chat_members
    WHERE room_id = NULLIF(split_part(channel_name, ':', 2), '')::uuid
      AND user_id = auth.uid()
  )
);
  • Quick Reference
Task SQL
Create channel INSERT INTO realtime.channels (pattern, description, enabled) VALUES (...)
Create trigger CREATE TRIGGER ... EXECUTE FUNCTION ...
Publish from SQL PERFORM realtime.publish(channel, event, payload)
Enable RLS ALTER TABLE realtime.channels ENABLE ROW LEVEL SECURITY

Best Practices

  1. Create channel patterns first before subscribing from frontend

    • Insert channel patterns into realtime.channels table
    • Ensure enabled is set to true

  2. Use specific channel patterns

    • Use wildcard % patterns for dynamic channels (e.g., order:% for order:123)
    • Use exact patterns for global channels (e.g., notifications)

Common Mistakes

Mistake Solution
Subscribing to undefined channel pattern Create channel pattern in realtime.channels first
Channel not receiving messages Ensure channel enabled is true
Publishing without trigger Create database trigger to auto-publish on changes

Recommended Workflow

1. Create channel patterns   → INSERT INTO realtime.channels
2. Ensure enabled = true     → Set enabled to true
3. Create triggers if needed → Auto-publish on database changes
4. Proceed with SDK subscribe → Use channel name matching pattern

Backend Configuration (Not Yet in CLI)

These modules still require HTTP API calls because the CLI does not yet support them:

Module Backend Configuration
Auth auth/backend-configuration.md
AI ai/backend-configuration.md

SDK Quick Reference

All SDK methods return { data, error }.

Module Methods
insforge.database .from().select(), .insert(), .update(), .delete(), .rpc()
insforge.auth .signUp(), .signInWithPassword(), .signInWithOAuth(), .signOut(), .getCurrentSession()
insforge.storage .from().upload(), .uploadAuto(), .download(), .remove()
insforge.functions .invoke()
insforge.ai .chat.completions.create(), .images.generate(), .embeddings.create()
insforge.realtime .connect(), .subscribe(), .publish(), .on(), .disconnect()

Important Notes

  • Database inserts require array format: insert([{...}]) not insert({...})
  • Storage: Save both url AND key to database for download/delete operations
  • Functions invoke URL: /functions/{slug} (without /api prefix)
  • Use Tailwind CSS v3.4 (do not upgrade to v4)
  • Always local build before deploy: Prevents wasted build resources and faster debugging
Usage Guidance
This skill is documentation for using the InsForge frontend SDK and is instruction-only (no code or installs). It does include examples that use anon keys (normal for client SDKs) and separate admin endpoints that require an admin Bearer token (used for backend configuration). Before using: (1) Confirm your project actually uses InsForge/@insforge/sdk; (2) never paste admin tokens or other high-privilege secrets into an agent unless you trust the recipient and intend it to act as admin; (3) verify the @insforge/sdk package source (npm/GitHub) yourself before installing in your project; (4) for backend admin tasks prefer the insforge-cli as the docs recommend; (5) because the skill's source/homepage is unknown, treat it as documentation only—it does not add code to your system but does not provide provenance for the library it documents.
Capability Analysis
Type: OpenClaw Skill Name: insforge Version: 0.1.0 The insforge skill bundle is a comprehensive set of instructions and documentation for an AI agent to interact with the InsForge platform, covering database, authentication, storage, AI, and real-time features. It provides legitimate SDK integration examples, API endpoint references, and high-quality security guidance, such as preventing infinite recursion in PostgreSQL RLS (database/postgres-rls.md). There is no evidence of malicious intent, data exfiltration, or harmful prompt injection; the bundle is designed to assist developers in building applications using the InsForge ecosystem.
Capability Assessment
Purpose & Capability
The name/description promise a frontend SDK integration helper and the files are SDK usage docs for database, auth, storage, functions, real-time, and AI—all coherent with that purpose. The skill does not request unrelated binaries, env vars, or install steps.
Instruction Scope
Most instructions stay on-topic (client SDK usage, sample SQL for RLS, and when to consult backend/CLI). A few files document admin HTTP endpoints that require admin tokens (for backend configuration or metadata); this is relevant context but expands into backend admin territory. The docs do not themselves attempt to read local files or secrets, but they may guide an agent to ask the user for admin credentials if backend actions are requested.
Install Mechanism
No install spec and no code files—this is instruction-only, so nothing is written to disk or downloaded by the skill itself.
Credentials
The skill declares no required environment variables or credentials (consistent with being a docs-only skill). However, examples reference anonKey/baseUrl for the SDK and admin Bearer tokens for backend admin endpoints; those are expected for the described operations but are not requested by the skill. Users should not supply admin tokens to the agent unless they intend the agent to perform admin actions.
Persistence & Privilege
always:false, no install, no persistence. The skill does not request permanent inclusion or elevated agent privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install insforge
  3. After installation, invoke the skill by name or use /insforge
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release of the insforge skill. - Provides guidance for integrating @insforge/sdk in frontend applications. - Covers usage contexts including database queries, authentication, storage, AI features, real-time messaging, and invoking functions from frontend code. - Includes quick setup instructions, SDK module references, guides for RLS policies, and best practices for real-time features. - Details common mistakes, backend configuration references, and a quick SDK method reference. - Notes important caveats for SDK usage and frontend development workflows.
Metadata
Slug insforge
Version 0.1.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Insforge?

Use this skill whenever writing frontend code that talks to a backend for database queries, authentication, file uploads, AI features, real-time messaging, o... It is an AI Agent Skill for Claude Code / OpenClaw, with 237 downloads so far.

How do I install Insforge?

Run "/install insforge" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Insforge free?

Yes, Insforge is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Insforge support?

Insforge is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Insforge?

It is built and maintained by Tony Chang (@tonychang04); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments