Was hitting msupabase-kong (port 8000 on mlake) which serves the
flexsiebels/msbls Supabase. Paliad lives on youpc Supabase, exposed
via Traefik at ystudio.msbls.de. Verified: query 'SELECT count(*)
FROM paliad.users' returns 31 (matches live DB) instead of 0 (msbls
has the schema but no rows).
Auth header reuses YOUPC_SUPABASE_AUTH which is already in dotenv.
Effective on next Claude Code session start.
Anonymous-surface smoke test of paliad.de — all 11 legacy DE→EN redirects,
9 gated routes, /login form, and / marketing landing healthy. Two minor
findings noted in the report (knowledge platform is auth-gated contrary
to brief expectation; anon / fires a 401 on /api/changelog/unseen-count).
Authenticated flows untested — needs follow-up worker with creds.
Also registers @playwright/mcp in .mcp.json so future smoke runs can use
the /mai-tester skill's mcp__playwright__* tools directly instead of
falling back to a bunx script.
Paliad prod data lives on the youpc Supabase (100.99.98.201:11833,
search_path=paliad,public), not on the flexsiebels Supabase that
${SUPABASE_AUTH} resolves to. Next session will pick this up on load
and can run schema work against the correct DB.
