npm - @luanpdd/kit-mcp - Versions diffs - 1.34.0 → 1.36.0 - Mend

@luanpdd/kit-mcp 1.34.0 → 1.36.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (118) hide show

package/README.md +1 -1
package/bin/cli.js +2 -2
package/bin/mcp.js +6 -6
package/bin/ui.js +74 -74
package/gates/ai-prompt-stability.md +120 -120
package/gates/budget-description.md +68 -68
package/gates/confidence.md +29 -29
package/gates/dependency-check.md +33 -33
package/gates/dept-cycle-prevention.md +179 -179
package/gates/golden-signals-coverage.md +133 -133
package/gates/legacy-refactor-safety.md +178 -178
package/gates/multi-tenant-rls-coverage.md +102 -102
package/gates/no-personal-uuid.md +72 -72
package/gates/obs-agents-mcp-supabase.md +86 -86
package/gates/obs-skills-frontmatter.md +76 -76
package/gates/observability-coverage.md +151 -151
package/gates/omm-no-regression.md +83 -83
package/gates/postmortem-template-required.md +127 -127
package/gates/prr-checklist-coverage.md +128 -128
package/gates/regression.md +32 -32
package/gates/release-pipeline-policy.md +132 -132
package/gates/secrets-scan.md +33 -33
package/gates/service-role-not-in-user-facing.md +113 -113
package/gates/skill-must-include.md +71 -71
package/gates/sync-idempotent.md +62 -62
package/gates/verify-phase-goal.md +34 -34
package/kit/agents/designer-ui.md +216 -216
package/kit/agents/workflow-generator.md +537 -0
package/kit/commands/adicionar-backlog.md +1 -1
package/kit/commands/adicionar-fase.md +1 -1
package/kit/commands/adicionar-tarefa.md +1 -1
package/kit/commands/auditar-observabilidade.md +103 -103
package/kit/commands/auditar-toil.md +129 -129
package/kit/commands/caracterizar-prompt.md +195 -195
package/kit/commands/criar-workflow.md +158 -0
package/kit/commands/definir-perfil.md +1 -1
package/kit/commands/definir-slo.md +108 -108
package/kit/commands/fio.md +1 -1
package/kit/commands/golden-signals.md +142 -142
package/kit/commands/instrumentar-fase.md +200 -200
package/kit/commands/investigar-producao.md +162 -162
package/kit/commands/observabilidade.md +118 -118
package/kit/commands/postmortem.md +179 -179
package/kit/commands/prr.md +205 -205
package/kit/commands/publicar-rapido.md +207 -207
package/kit/commands/risk-budget.md +220 -220
package/kit/commands/sre.md +230 -230
package/kit/file-manifest.json +5 -2
package/kit/framework/references/output-style.md +22 -22
package/kit/hooks/post-apply-migration.js +199 -199
package/kit/hooks/sidecar-tool-publisher.js +210 -210
package/kit/skills/_shared-dados-distribuidos/glossary.md +224 -224
package/kit/skills/_shared-legacy/glossary.md +389 -389
package/kit/skills/_shared-multi-tenant/glossary.md +186 -186
package/kit/skills/_shared-observability/glossary.md +396 -396
package/kit/skills/_shared-sre/glossary.md +712 -712
package/kit/skills/_shared-supabase/glossary.md +234 -234
package/kit/skills/blameless-postmortems/SKILL.md +340 -340
package/kit/skills/burn-rate-alerting/SKILL.md +258 -258
package/kit/skills/cascading-failures/SKILL.md +311 -311
package/kit/skills/core-analysis-loop/SKILL.md +352 -352
package/kit/skills/distributed-tracing/SKILL.md +362 -362
package/kit/skills/dynamic-workflow-authoring/SKILL.md +327 -0
package/kit/skills/eliminating-toil/SKILL.md +243 -243
package/kit/skills/event-based-slos/SKILL.md +296 -296
package/kit/skills/four-golden-signals/SKILL.md +314 -314
package/kit/skills/hermetic-builds/SKILL.md +323 -323
package/kit/skills/legacy-monster-methods/SKILL.md +444 -444
package/kit/skills/llm-as-dependency/SKILL.md +436 -436
package/kit/skills/load-shedding-graceful-degradation/SKILL.md +396 -396
package/kit/skills/observability-driven-development/SKILL.md +315 -315
package/kit/skills/observability-maturity-model/SKILL.md +222 -222
package/kit/skills/opentelemetry-standard/SKILL.md +351 -351
package/kit/skills/production-readiness-review/SKILL.md +305 -305
package/kit/skills/release-engineering/SKILL.md +367 -367
package/kit/skills/retry-strategies/SKILL.md +372 -372
package/kit/skills/sre-risk-management/SKILL.md +221 -221
package/kit/skills/structured-events/SKILL.md +265 -265
package/kit/skills/supabase-cron-queues/SKILL.md +275 -275
package/kit/skills/supabase-database-functions/SKILL.md +332 -332
package/kit/skills/supabase-declarative-schema/SKILL.md +183 -183
package/kit/skills/supabase-pgvector-rag/SKILL.md +253 -253
package/kit/skills/supabase-postgres-style/SKILL.md +138 -138
package/kit/skills/supabase-storage/SKILL.md +234 -234
package/kit/skills/telemetry-pipelines/SKILL.md +259 -259
package/kit/skills/telemetry-sampling/SKILL.md +256 -256
package/kit/skills/ui-anti-padroes-ia/SKILL.md +261 -261
package/kit/skills/ui-contexto-produto/SKILL.md +248 -248
package/kit/skills/ui-cor-estrategia/SKILL.md +213 -213
package/kit/skills/ui-critica-auditoria/SKILL.md +260 -260
package/kit/skills/ui-motion-funcional/SKILL.md +264 -264
package/kit/skills/ui-ritmo-espacial/SKILL.md +259 -259
package/kit/skills/ui-tipografia/SKILL.md +211 -211
package/package.json +1 -1
package/src/cli/index.js +1114 -1114
package/src/cli/render.js +194 -194
package/src/cli/upgrade-check.js +135 -135
package/src/core/error-redaction.js +76 -76
package/src/core/failures.js +153 -153
package/src/core/gate-runner.js +205 -205
package/src/core/gates.js +82 -82
package/src/core/logger.js +170 -170
package/src/core/manifest-verify.js +174 -174
package/src/core/metrics.js +268 -268
package/src/core/notify.js +60 -60
package/src/core/path-safety.js +141 -141
package/src/core/replays.js +120 -120
package/src/core/ui.js +185 -185
package/src/mcp-server/install.js +149 -149
package/src/mcp-server/roots.js +124 -124
package/src/ui/auto-spawn.js +113 -113
package/src/ui/browser.js +78 -78
package/src/ui/client.js +130 -130
package/src/ui/events.js +65 -65
package/src/ui/lockfile.js +191 -191
package/src/ui/port.js +67 -67
package/src/ui/server.js +547 -547
package/src/ui/wrapper.js +129 -129

package/kit/skills/supabase-pgvector-rag/SKILL.md CHANGED Viewed

@@ -1,253 +1,253 @@
----
-name: supabase-pgvector-rag
-description: Use ao implementar RAG com pgvector — create extension vector, dim consistente, HNSW vs IVFFlat, operadores <=>/<#>, RAG with permissions via RLS, chunking.
----
-# Supabase — pgvector + RAG
-## Quando usar
-LLM carrega esta skill quando implementar embeddings, similarity search ou RAG (Retrieval-Augmented Generation) com Supabase. Trigger phrases:
-- "pgvector", "vector embeddings"
-- "RAG Supabase", "retrieval augmented generation"
-- "semantic search Postgres"
-- "HNSW vs IVFFlat"
-- "embedding dimension"
-- "match_documents function"
-## Regras absolutas
-- **Setup:** `create extension if not exists vector;` em migration ou `supabase/schemas/`.
-- **Dimension fixa por modelo** — defina `embedding vector(N)` com N = dim do modelo: 1536 (OpenAI ada-002), 768 (nomic-embed-text), 384 (all-MiniLM-L6-v2). Mismatch = silent fail ou matches aleatórios.
-- **Index obrigatório** — sem index, similarity search faz full scan e degrada drasticamente em > 10k linhas.
-- **`HNSW`** = default em 2026 — recall melhor, queries mais rápidas com mais data. Build mais lento.
-- **`IVFFlat`** = alternativa quando build time domina (datasets dinâmicos com re-build frequente). Recall menor.
-- **Distance operators canônicos:**
-  - **`<=>`** — cosine distance (mais comum em embeddings normalizados)
-  - **`<#>`** — negative inner product
-  - **`<->`** — L2 (euclidean) distance
-- **`RAG with permissions`** — combine similarity search com RLS na tabela source. Sem isso, retrieval vaza documents entre tenants.
-- **Chunking:** 200-500 tokens com overlap 10-20%. Chunks > 1k tokens degradam embeddings; < 100 perdem contexto.
-- **Embedding generation server-side** — geração via Edge Function ou worker (model API key não vai para client).
-## Patterns canônicos
-### Schema com RLS + HNSW index
-```sql
--- PT-BR: extension uma vez por projeto
-create extension if not exists vector;
--- PT-BR: documents com embedding e user_id para RAG with permissions
-create table public.documents (
-  id uuid primary key default gen_random_uuid(),
-  user_id uuid not null references auth.users (id) on delete cascade,
-  content text not null,                    -- PT-BR: chunk de texto (200-500 tokens)
-  embedding vector(1536) not null,          -- PT-BR: dim casa com modelo
-  metadata jsonb default '{}'::jsonb,
-  created_at timestamptz default now()
-);
--- PT-BR: HNSW com cosine distance (default 2026)
-create index documents_embedding_hnsw_idx
-  on public.documents
-  using hnsw (embedding vector_cosine_ops);
--- PT-BR: RLS — RAG with permissions
-alter table public.documents enable row level security;
-create policy "users_read_own_docs"
-  on public.documents for select to authenticated
-  using ((select auth.uid()) = user_id);
-create policy "users_insert_own_docs"
-  on public.documents for insert to authenticated
-  with check ((select auth.uid()) = user_id);
-create index documents_user_id_idx on public.documents (user_id);
-```
-### Função `match_documents` — RAG with permissions
-```sql
-create or replace function public.match_documents(
-  query_embedding vector(1536),
-  match_threshold float,
-  match_count int
-)
-returns table (
-  id uuid,
-  content text,
-  similarity float,
-  metadata jsonb
-)
-language plpgsql
-security invoker                            -- PT-BR: invoker → respeita RLS do caller
-set search_path = ''
-stable
-as $$
-begin
-  return query
-    select
-      d.id,
-      d.content,
-      1 - (d.embedding <=> query_embedding) as similarity,
-      d.metadata
-    from public.documents as d
-    where 1 - (d.embedding <=> query_embedding) > match_threshold
-    order by d.embedding <=> query_embedding
-    limit match_count;
-end;
-$$;
-```
-**Por que `security invoker`:** garante que a função só retorna documentos que o caller (usuário autenticado) tem permissão de ver via RLS. Sem RLS, qualquer caller via similarity recupera documents de outros tenants.
-### Uso da função do client
-```ts
-// PT-BR: gerar embedding (em Edge Function, server-side) e chamar match_documents
-const queryEmbedding = await embedQuery(userQuestion)   // dim 1536
-const { data: matches } = await supabase.rpc('match_documents', {
-  query_embedding: queryEmbedding,
-  match_threshold: 0.78,
-  match_count: 10,
-})
-// matches: [{ id, content, similarity, metadata }, ...] já filtrado por RLS
-const context = matches.map((m) => m.content).join('\n\n')
-const answer = await llmComplete({ context, question: userQuestion })
-```
-### IVFFlat alternativa
-```sql
--- PT-BR: usar IVFFlat quando build time importa (dataset dinâmico)
--- lists = sqrt(N) é heurística para N total de linhas
-create index documents_embedding_ivfflat_idx
-  on public.documents
-  using ivfflat (embedding vector_cosine_ops)
-  with (lists = 100);                       -- ajustar conforme volume
-```
-### Geração de embeddings em Edge Function
-```ts
-// supabase/functions/embed-document/index.ts
-// PT-BR: chunking + embedding + insert
-import { createClient } from 'npm:@supabase/supabase-js@2'
-import OpenAI from 'npm:openai@4'
-Deno.serve(async (req) => {
-  const { user_id, document } = await req.json()
-  const openai = new OpenAI({ apiKey: Deno.env.get('OPENAI_API_KEY') })
-  const supabase = createClient(
-    Deno.env.get('SUPABASE_URL')!,
-    Deno.env.get('SUPABASE_SECRET_KEYS')!
-  )
-  // PT-BR: chunk em pedaços de ~400 tokens com overlap 20%
-  const chunks = chunkText(document, { size: 400, overlap: 80 })
-  for (const chunk of chunks) {
-    const embedRes = await openai.embeddings.create({
-      model: 'text-embedding-3-small',      // dim 1536
-      input: chunk,
-    })
-    await supabase.from('documents').insert({
-      user_id,
-      content: chunk,
-      embedding: embedRes.data[0].embedding,
-    })
-  }
-  return new Response('embedded')
-})
-```
-## Anti-patterns
-### Anti-pattern 1: Dim mismatch entre modelo e coluna
-**Errado:**
-```sql
-create table documents (embedding vector(1536) not null);
-```
-```ts
-// PT-BR: usa nomic-embed-text que retorna dim 768
-const embedding = await nomicEmbed(text)              // 768
-await supabase.from('documents').insert({ embedding })  // ⚠ insert falha
-```
-**Por quê:** Postgres rejeita insert com dim mismatch (`expected 1536 dimensions, got 768`). Em pior caso, se aceito, similarity retorna ranking aleatório.
-**Certo:** alinhe dim:
-```sql
-create table documents (embedding vector(768) not null);
-```
-ou troque o modelo para um que retorne 1536.
-### Anti-pattern 2: Similarity search sem RLS — vazamento RAG
-**Errado:**
-```sql
--- PT-BR: tabela documents sem RLS
-create table public.documents (
-  id uuid primary key,
-  content text,
-  embedding vector(1536)
-);
-```
-**Por quê:** qualquer authenticated chama `match_documents` e recupera documents de outros usuários. Em apps multi-tenant, é vazamento crítico — RAG do tenant A vê docs do tenant B.
-**Certo:** habilite RLS + policies por `user_id`/`org_id` + use `security invoker` em funções de match (ver pattern canônico).
-### Anti-pattern 3: Chunks gigantes (> 1k tokens)
-**Errado:**
-```ts
-// PT-BR: chunk inteiro de documento (5k tokens)
-const chunks = [fullDocument]
-const embedding = await embed(fullDocument)
-```
-**Por quê:** embeddings perdem detalhe semântico em chunks muito grandes. O modelo média muitos conceitos em um único vetor, similarity vira ruidosa. Ranking RAG fica ruim.
-**Certo:** chunks de 200-500 tokens com overlap:
-```ts
-const chunks = chunkText(fullDocument, { size: 400, overlap: 80 })
-for (const chunk of chunks) {
-  await embed(chunk).then(insert)
-}
-```
-### Anti-pattern 4: Sem index em coluna `embedding`
-**Errado:**
-```sql
-create table documents (embedding vector(1536) not null);
--- (esqueceu create index)
-```
-**Por quê:** sem index, similarity search vira sequential scan. Em > 10k linhas, queries levam segundos a minutos. Em produção, app fica inviável.
-**Certo:**
-```sql
-create index documents_embedding_hnsw_idx on documents using hnsw (embedding vector_cosine_ops);
-```
-## Notas de futuro
-- **Hybrid search** (FTS + vector com RRF — Reciprocal Rank Fusion) está coberto em skill `supabase-fts` (defer v1.9 — full-text search standalone).
-- **Vector Buckets** e **Analytics Buckets** ainda em alpha em 2026 — mencione como existência mas não detalhe (pattern canônico evoluindo).
-## Ver também
-- [supabase-rls-policies](../supabase-rls-policies/SKILL.md) — RLS é base de RAG with permissions
-- [supabase-database-functions](../supabase-database-functions/SKILL.md) — função `match_documents` com `security invoker` + `set search_path = ''`
-- [supabase-edge-functions](../supabase-edge-functions/SKILL.md) — geração de embeddings server-side
-- [supabase-migrations](../supabase-migrations/SKILL.md) — schema com `vector` extension
-- [glossário](../_shared-supabase/glossary.md) — operadores `<=>`/`<#>`/`<->`
+---
+name: supabase-pgvector-rag
+description: Use ao implementar RAG com pgvector — create extension vector, dim consistente, HNSW vs IVFFlat, operadores <=>/<#>, RAG with permissions via RLS, chunking.
+---
+# Supabase — pgvector + RAG
+## Quando usar
+LLM carrega esta skill quando implementar embeddings, similarity search ou RAG (Retrieval-Augmented Generation) com Supabase. Trigger phrases:
+- "pgvector", "vector embeddings"
+- "RAG Supabase", "retrieval augmented generation"
+- "semantic search Postgres"
+- "HNSW vs IVFFlat"
+- "embedding dimension"
+- "match_documents function"
+## Regras absolutas
+- **Setup:** `create extension if not exists vector;` em migration ou `supabase/schemas/`.
+- **Dimension fixa por modelo** — defina `embedding vector(N)` com N = dim do modelo: 1536 (OpenAI ada-002), 768 (nomic-embed-text), 384 (all-MiniLM-L6-v2). Mismatch = silent fail ou matches aleatórios.
+- **Index obrigatório** — sem index, similarity search faz full scan e degrada drasticamente em > 10k linhas.
+- **`HNSW`** = default em 2026 — recall melhor, queries mais rápidas com mais data. Build mais lento.
+- **`IVFFlat`** = alternativa quando build time domina (datasets dinâmicos com re-build frequente). Recall menor.
+- **Distance operators canônicos:**
+  - **`<=>`** — cosine distance (mais comum em embeddings normalizados)
+  - **`<#>`** — negative inner product
+  - **`<->`** — L2 (euclidean) distance
+- **`RAG with permissions`** — combine similarity search com RLS na tabela source. Sem isso, retrieval vaza documents entre tenants.
+- **Chunking:** 200-500 tokens com overlap 10-20%. Chunks > 1k tokens degradam embeddings; < 100 perdem contexto.
+- **Embedding generation server-side** — geração via Edge Function ou worker (model API key não vai para client).
+## Patterns canônicos
+### Schema com RLS + HNSW index
+```sql
+-- PT-BR: extension uma vez por projeto
+create extension if not exists vector;
+-- PT-BR: documents com embedding e user_id para RAG with permissions
+create table public.documents (
+  id uuid primary key default gen_random_uuid(),
+  user_id uuid not null references auth.users (id) on delete cascade,
+  content text not null,                    -- PT-BR: chunk de texto (200-500 tokens)
+  embedding vector(1536) not null,          -- PT-BR: dim casa com modelo
+  metadata jsonb default '{}'::jsonb,
+  created_at timestamptz default now()
+);
+-- PT-BR: HNSW com cosine distance (default 2026)
+create index documents_embedding_hnsw_idx
+  on public.documents
+  using hnsw (embedding vector_cosine_ops);
+-- PT-BR: RLS — RAG with permissions
+alter table public.documents enable row level security;
+create policy "users_read_own_docs"
+  on public.documents for select to authenticated
+  using ((select auth.uid()) = user_id);
+create policy "users_insert_own_docs"
+  on public.documents for insert to authenticated
+  with check ((select auth.uid()) = user_id);
+create index documents_user_id_idx on public.documents (user_id);
+```
+### Função `match_documents` — RAG with permissions
+```sql
+create or replace function public.match_documents(
+  query_embedding vector(1536),
+  match_threshold float,
+  match_count int
+)
+returns table (
+  id uuid,
+  content text,
+  similarity float,
+  metadata jsonb
+)
+language plpgsql
+security invoker                            -- PT-BR: invoker → respeita RLS do caller
+set search_path = ''
+stable
+as $$
+begin
+  return query
+    select
+      d.id,
+      d.content,
+      1 - (d.embedding <=> query_embedding) as similarity,
+      d.metadata
+    from public.documents as d
+    where 1 - (d.embedding <=> query_embedding) > match_threshold
+    order by d.embedding <=> query_embedding
+    limit match_count;
+end;
+$$;
+```
+**Por que `security invoker`:** garante que a função só retorna documentos que o caller (usuário autenticado) tem permissão de ver via RLS. Sem RLS, qualquer caller via similarity recupera documents de outros tenants.
+### Uso da função do client
+```ts
+// PT-BR: gerar embedding (em Edge Function, server-side) e chamar match_documents
+const queryEmbedding = await embedQuery(userQuestion)   // dim 1536
+const { data: matches } = await supabase.rpc('match_documents', {
+  query_embedding: queryEmbedding,
+  match_threshold: 0.78,
+  match_count: 10,
+})
+// matches: [{ id, content, similarity, metadata }, ...] já filtrado por RLS
+const context = matches.map((m) => m.content).join('\n\n')
+const answer = await llmComplete({ context, question: userQuestion })
+```
+### IVFFlat alternativa
+```sql
+-- PT-BR: usar IVFFlat quando build time importa (dataset dinâmico)
+-- lists = sqrt(N) é heurística para N total de linhas
+create index documents_embedding_ivfflat_idx
+  on public.documents
+  using ivfflat (embedding vector_cosine_ops)
+  with (lists = 100);                       -- ajustar conforme volume
+```
+### Geração de embeddings em Edge Function
+```ts
+// supabase/functions/embed-document/index.ts
+// PT-BR: chunking + embedding + insert
+import { createClient } from 'npm:@supabase/supabase-js@2'
+import OpenAI from 'npm:openai@4'
+Deno.serve(async (req) => {
+  const { user_id, document } = await req.json()
+  const openai = new OpenAI({ apiKey: Deno.env.get('OPENAI_API_KEY') })
+  const supabase = createClient(
+    Deno.env.get('SUPABASE_URL')!,
+    Deno.env.get('SUPABASE_SECRET_KEYS')!
+  )
+  // PT-BR: chunk em pedaços de ~400 tokens com overlap 20%
+  const chunks = chunkText(document, { size: 400, overlap: 80 })
+  for (const chunk of chunks) {
+    const embedRes = await openai.embeddings.create({
+      model: 'text-embedding-3-small',      // dim 1536
+      input: chunk,
+    })
+    await supabase.from('documents').insert({
+      user_id,
+      content: chunk,
+      embedding: embedRes.data[0].embedding,
+    })
+  }
+  return new Response('embedded')
+})
+```
+## Anti-patterns
+### Anti-pattern 1: Dim mismatch entre modelo e coluna
+**Errado:**
+```sql
+create table documents (embedding vector(1536) not null);
+```
+```ts
+// PT-BR: usa nomic-embed-text que retorna dim 768
+const embedding = await nomicEmbed(text)              // 768
+await supabase.from('documents').insert({ embedding })  // ⚠ insert falha
+```
+**Por quê:** Postgres rejeita insert com dim mismatch (`expected 1536 dimensions, got 768`). Em pior caso, se aceito, similarity retorna ranking aleatório.
+**Certo:** alinhe dim:
+```sql
+create table documents (embedding vector(768) not null);
+```
+ou troque o modelo para um que retorne 1536.
+### Anti-pattern 2: Similarity search sem RLS — vazamento RAG
+**Errado:**
+```sql
+-- PT-BR: tabela documents sem RLS
+create table public.documents (
+  id uuid primary key,
+  content text,
+  embedding vector(1536)
+);
+```
+**Por quê:** qualquer authenticated chama `match_documents` e recupera documents de outros usuários. Em apps multi-tenant, é vazamento crítico — RAG do tenant A vê docs do tenant B.
+**Certo:** habilite RLS + policies por `user_id`/`org_id` + use `security invoker` em funções de match (ver pattern canônico).
+### Anti-pattern 3: Chunks gigantes (> 1k tokens)
+**Errado:**
+```ts
+// PT-BR: chunk inteiro de documento (5k tokens)
+const chunks = [fullDocument]
+const embedding = await embed(fullDocument)
+```
+**Por quê:** embeddings perdem detalhe semântico em chunks muito grandes. O modelo média muitos conceitos em um único vetor, similarity vira ruidosa. Ranking RAG fica ruim.
+**Certo:** chunks de 200-500 tokens com overlap:
+```ts
+const chunks = chunkText(fullDocument, { size: 400, overlap: 80 })
+for (const chunk of chunks) {
+  await embed(chunk).then(insert)
+}
+```
+### Anti-pattern 4: Sem index em coluna `embedding`
+**Errado:**
+```sql
+create table documents (embedding vector(1536) not null);
+-- (esqueceu create index)
+```
+**Por quê:** sem index, similarity search vira sequential scan. Em > 10k linhas, queries levam segundos a minutos. Em produção, app fica inviável.
+**Certo:**
+```sql
+create index documents_embedding_hnsw_idx on documents using hnsw (embedding vector_cosine_ops);
+```
+## Notas de futuro
+- **Hybrid search** (FTS + vector com RRF — Reciprocal Rank Fusion) está coberto em skill `supabase-fts` (defer v1.9 — full-text search standalone).
+- **Vector Buckets** e **Analytics Buckets** ainda em alpha em 2026 — mencione como existência mas não detalhe (pattern canônico evoluindo).
+## Ver também
+- [supabase-rls-policies](../supabase-rls-policies/SKILL.md) — RLS é base de RAG with permissions
+- [supabase-database-functions](../supabase-database-functions/SKILL.md) — função `match_documents` com `security invoker` + `set search_path = ''`
+- [supabase-edge-functions](../supabase-edge-functions/SKILL.md) — geração de embeddings server-side
+- [supabase-migrations](../supabase-migrations/SKILL.md) — schema com `vector` extension
+- [glossário](../_shared-supabase/glossary.md) — operadores `<=>`/`<#>`/`<->`