I can't quite get onboard with RLS directly from the client. It seems like a risky and finicky thing to design database access patterns around, but they might be a stroke of genius that I'm too blind to see right now.
If you're not comfortable then that's totally ok, especially because it's not as easy to test it automatically, but it's definitely allowed me to do away with a backend completely except for a webhook, so that's been nice.