mythos.new — Browser IDE for Vite & Next.js

Why BYO

You own the data. We never copy it, never proxy it, never see the service-role key.
No vendor lock-in. If you leave Mythos, your database, your auth users, your storage bucket all stay where they are.
You pay Supabase directly. We do not mark up usage; their free tier covers most early projects.

Set it up

Create a Supabase project at supabase.com (free tier is fine to start).
Open Settings → API in the Supabase dashboard. Copy the Project URL and the anon/publishable key.
In a Mythos project workspace, open Settings → backend tab → Connect Supabase. Paste both values and submit.
The agent now has access to db_migrate and auth_pattern. Future generations can wire up auth and database code directly.

Which keys go where

Key	Goes to Mythos?	Why
Project URL	Yes	Used to build REST endpoints in generated code.
Anon / publishable key	Yes	Public-by-design key — safe to ship in client bundles. RLS gates what it can read.
Service-role / secret key	NO	Server-only key with full DB access. Mythos never asks for it and never stores it.

RLS is mandatory

Because the anon key is bundled into client JavaScript, every table the agent creates must have Row Level Security enabled and at least one policy. The db_migrate tool enforces this — a migration that creates a table without RLS is rejected with a clear error. See the db_migrate page for details.

Troubleshooting

Connect button fails with "URL must end in .supabase.co" — we only accept Supabase Cloud URLs today. Self-hosted Supabase is out of scope.
Connect succeeds but the agent says "no backend connected" — Mythos stores the connection per-project. New projects need their own connect step.
Migration rejected for missing RLS — copy the error verbatim into the chat, the agent will add the missing ENABLE ROW LEVEL SECURITY + CREATE POLICY lines.