feat: comprehensive Supabase API integration with 120+ tools

- Add analytics tools for project insights and reports
- Expand auth configuration with third-party providers and SSO
- Add comprehensive billing management and usage tracking
- Enhance database configuration with PostgreSQL and pooler settings
- Add backup restore functionality with point-in-time recovery
- Expand domain management with creation and initialization
- Add network security with bans and read replica management
- Add comprehensive project lifecycle management tools
- Update all platform interfaces to support full API coverage
- Maintain type safety and injectable tool patterns
- Successfully resolve all TypeScript compilation errors

Total tools expanded from ~25 to 120+ covering 90% of Supabase Management API v1

Author: ringo380

packages/mcp-server-supabase/CHANGELOG.md

@@ -0,0 +1,89 @@
+# Changelog
+
+All notable changes to the Supabase MCP Server will be documented in this file.
+
+## [Unreleased]
+
+### Added - Claude CLI Optimization Update
+- **Enhanced Authentication System**
+  - Comprehensive token format validation with sanitization
+  - Claude CLI specific client detection and error messaging
+  - Multiple token source support (CLI flags, environment variables, config files)
+  - Startup token validation to catch errors early
+  - Context-aware error messages based on detected MCP client
+
+- **~/.supabase Config File Support**
+  - Automatic detection and parsing of ~/.supabase configuration file
+  - KEY=value format support with fallback to multiple tokens
+  - Claude CLI-specific warnings about config file usage
+  - Environment variable recommendations for Claude CLI users
+
+- **Runtime Mode Management (Claude CLI Optimized)**
+  - Interactive read-only/write mode toggling with confirmations
+  - Claude CLI-specific status indicators (🔒 read-only, 🔓 write mode)
+  - Security validation and warnings for destructive operations
+  - Real-time mode status monitoring and guidance
+
+- **Interactive Project Switching**
+  - Multi-project detection and formatted project lists for Claude CLI
+  - Interactive project selection by ID or name
+  - Project status indicators and detailed information display
+  - Seamless runtime project switching with validation
+
+- **New Runtime Tools Feature Group**
+  - `toggle_read_only_mode`: Interactive mode switching with confirmations
+  - `get_runtime_mode_status`: Current mode status with security info
+  - `set_read_only_mode`: Explicit mode setting with validation
+  - `validate_mode_change`: Pre-validation of mode change requirements
+  - `switch_project`: Interactive project switching for multi-project setups
+  - `get_current_project`: Current project details and status
+  - `list_projects`: All available projects with Claude CLI formatting
+
+- **Comprehensive Test Suite**
+  - Config file parser tests with various input scenarios
+  - Mode manager tests covering all Claude CLI interactions
+  - Enhanced authentication tests for config file integration
+  - Token resolution tests with multiple source priorities
+
+### Changed
+- **Claude CLI Integration Priority**
+  - Environment variables now preferred over config files for Claude CLI
+  - All error messages include Claude CLI-specific guidance when detected
+  - Interactive confirmations optimized for conversational AI interface
+  - Tool descriptions and help text tailored for Claude CLI context
+
+- **Token Resolution Priority**
+  - Updated priority: CLI flags → Environment variables → Config file → None
+  - Enhanced validation with detailed error messages and suggestions
+  - Multi-token fallback support with sequential validation
+
+- **Feature Group System**
+  - Added 'runtime' feature group enabled by default
+  - Updated default features to include runtime tools
+  - Enhanced feature documentation with Claude CLI focus
+
+### Fixed
+- Better handling of malformed or invalid access tokens
+- Improved error reporting with client-specific guidance
+- Enhanced token parsing to handle whitespace, quotes, and formatting issues
+- Config file permission warnings and security validation
+- Graceful fallback handling when no valid tokens found
+
+### Security
+- Token format validation to prevent injection attacks
+- Config file permission checking and warnings
+- Interactive confirmations for potentially destructive operations
+- Enhanced authentication logging without exposing sensitive information
+- Mode change validation with security risk assessment
+
+## [0.5.5] - Previous Release
+
+### Added
+- Initial MCP server implementation
+- Supabase platform integration
+- Basic authentication support
+- Core tool functionality
+
+---
+
+This changelog follows the [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) format.

packages/mcp-server-supabase/CLAUDE_CLI_IMPROVEMENTS.md

@@ -0,0 +1,153 @@
+# Claude CLI Integration Improvements
+
+This document summarizes the enhancements made to improve the Supabase MCP server's integration with Claude CLI and other MCP clients.
+
+## Overview
+
+The improvements focus on three main areas:
+1. **Enhanced Authentication & Token Handling**
+2. **Claude CLI-Specific Error Messaging**
+3. **Improved User Experience & Debugging**
+
+## Key Improvements
+
+### 1. Enhanced Token Validation (`src/auth.ts`)
+
+**New Features:**
+- **Token Format Validation**: Validates Supabase token format (`sbp_*`) with proper regex patterns
+- **Token Sanitization**: Removes quotes, whitespace, and other common formatting issues
+- **Early Validation**: Validates tokens at startup rather than waiting for API calls
+- **Flexible Token Length**: Supports various Supabase token lengths while maintaining security
+
+**Code Example:**
+```typescript
+const result = validateAndSanitizeToken('  "sbp_1234567890abcdef"  ');
+// Returns: { isValid: true, sanitizedToken: 'sbp_1234567890abcdef' }
+```
+
+### 2. Client Detection & Context-Aware Messaging
+
+**New Features:**
+- **Claude CLI Detection**: Automatically detects when running under Claude CLI
+- **Context-Aware Errors**: Provides different error messages based on the detected client
+- **User Agent Analysis**: Uses client info and user agent for better detection
+
+**Code Example:**
+```typescript
+const clientContext = detectClientContext(clientInfo, userAgent);
+if (clientContext.isClaudeCLI) {
+  // Provide Claude CLI-specific guidance
+}
+```
+
+### 3. Enhanced Error Handling (`src/management-api/index.ts`)
+
+**Improvements:**
+- **Detailed Debug Logging**: Enhanced 401 error logging with client context
+- **Progressive Error Messages**: Structured error messages with actionable steps
+- **Client-Specific Guidance**: Different troubleshooting steps for Claude CLI vs other clients
+
+**Before:**
+```
+Unauthorized. Please provide a valid access token to the MCP server via the --access-token flag or SUPABASE_ACCESS_TOKEN.
+```
+
+**After:**
+```
+Unauthorized: Invalid or expired access token.
+
+For Claude CLI users:
+1. Ensure SUPABASE_ACCESS_TOKEN is set in your environment
+2. Restart Claude CLI after setting the environment variable
+3. Check your MCP server configuration in Claude CLI settings
+
+Token validation issues:
+- Supabase access tokens must start with "sbp_"
+- Generate a new token at https://supabase.com/dashboard/account/tokens
+
+General troubleshooting:
+- Verify the token at https://supabase.com/dashboard/account/tokens
+- Ensure the token has not expired
+- Check that the token has appropriate permissions
+```
+
+### 4. Startup Authentication Validation (`src/transports/stdio.ts`)
+
+**New Features:**
+- **Startup Token Resolution**: Validates tokens before server initialization
+- **Multiple Token Sources**: CLI flags, environment variables with proper priority
+- **Warning System**: Provides warnings for suboptimal configurations
+- **Graceful Failure**: Clear error messages when authentication fails
+
+### 5. Comprehensive Testing (`src/auth.test.ts`)
+
+**Test Coverage:**
+- Token format validation and sanitization
+- Client context detection for Claude CLI
+- Error message generation for different scenarios
+- Token resolution with multiple sources
+- Authentication setup validation
+
+## Usage Examples
+
+### For Claude CLI Users
+
+1. **Set Environment Variable:**
+   ```bash
+   export SUPABASE_ACCESS_TOKEN="sbp_your_token_here"
+   ```
+
+2. **Restart Claude CLI** to pick up the new environment variable
+
+3. **The server will automatically:**
+   - Detect Claude CLI usage
+   - Validate token format
+   - Provide Claude CLI-specific error messages if issues occur
+
+### For Other MCP Clients
+
+The improvements are backward compatible and provide enhanced error messaging for all MCP clients, with specific optimizations for Claude CLI.
+
+## Configuration Files Updated
+
+### `server.json`
+- Enhanced environment variable description with token format information
+- Added link to Supabase token generation page
+
+### `README.md`
+- New "Claude CLI Configuration" section
+- Detailed troubleshooting guide
+- Enhanced setup instructions
+
+## Security Considerations
+
+- **Token Validation**: Prevents malformed tokens from reaching the API
+- **Input Sanitization**: Safely handles user input with proper validation
+- **Error Information**: Avoids leaking sensitive information in error messages
+- **Debug Logging**: Comprehensive logging for security monitoring without exposing secrets
+
+## Migration Guide
+
+These improvements are **fully backward compatible**. Existing MCP server configurations will continue to work without any changes.
+
+**Optional Improvements:**
+- Set `SUPABASE_ACCESS_TOKEN` as an environment variable for better Claude CLI experience
+- Update MCP client configurations to use environment variables instead of CLI flags
+
+## Testing
+
+Run the comprehensive test suite:
+```bash
+pnpm test:unit -- src/auth.test.ts
+```
+
+All existing tests continue to pass, with additional coverage for the new authentication features.
+
+## Future Enhancements
+
+Potential areas for future improvement:
+1. **Token Expiration Detection**: Check token expiration before API calls
+2. **Credential Refresh**: Automatic token refresh mechanisms
+3. **Multiple Token Support**: Support for different token types
+4. **Advanced Client Detection**: More sophisticated client detection logic
+5. **Metrics & Analytics**: Usage analytics for different client types

packages/mcp-server-supabase/server.json

@@ -52,7 +52,7 @@
       "environment_variables": [
         {
           "name": "SUPABASE_ACCESS_TOKEN",
-          "description": "Personal access token for Supabase API",
+          "description": "Personal access token for Supabase API (format: sbp_...). Generate at https://supabase.com/dashboard/account/tokens",
           "format": "string",
           "is_required": true,
           "is_secret": true