Replies: 1 comment
-
The auth.uid is safe to be exposed as long as you have RLS involving auth.uid() for tables where a user should only manipulate their own data.
-
I use a trigger and an edge function to make the id equal to auth.uid in public.user every time a user enters. I also constructed the logic to manipulate the database using my master client (service role) based on this id. I think there may be problems if someone manipulates the database client-side object and changes it to someone else's ID. I wrote the auth logic as in the Supabase documents using SvelteKit, but could there be a problem, as I think?
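The kind of RLS the reply refers to, sketched for the `public.user` table from the question; this is an added example, not code from either poster or from the Supabase documentation. The `display_name` column, the policy names and the two UUIDs are constructed for illustration, and the final block assumes it is run as a privileged role (for example in the SQL editor) in a project where `authenticated` already has table privileges on `public`.

```sql
-- Assumed shape of the table from the question: id holds the user's auth.uid().
create table if not exists public."user" (
  id uuid primary key,   -- set to auth.uid() by the trigger described in the question
  display_name text      -- hypothetical column, only here to have something to update
);

-- Without this, policies are not enforced for API (anon/authenticated) access.
alter table public."user" enable row level security;

-- A signed-in user can read only the row whose id matches the JWT subject.
create policy "user reads own row" on public."user"
  for select to authenticated
  using ((select auth.uid()) = id);

-- USING picks the rows that may be updated; WITH CHECK stops a user from
-- rewriting id so that the row ends up belonging to someone else.
create policy "user updates own row" on public."user"
  for update to authenticated
  using ((select auth.uid()) = id)
  with check ((select auth.uid()) = id);

-- Constructed check: act as user 1111... and try to touch user 2222...'s row.
begin;
insert into public."user" (id, display_name) values
  ('11111111-1111-1111-1111-111111111111', 'alice'),
  ('22222222-2222-2222-2222-222222222222', 'bob');

set local role authenticated;
-- auth.uid() reads the "sub" claim from this setting.
select set_config(
  'request.jwt.claims',
  '{"sub":"11111111-1111-1111-1111-111111111111","role":"authenticated"}',
  true);

-- The SELECT policy filters this to the caller's own row.
select id, display_name from public."user";

-- The UPDATE policy's USING clause excludes rows owned by another id.
update public."user"
   set display_name = 'changed'
 where id = '22222222-2222-2222-2222-222222222222';
rollback;
```

Queries made with the service-role key bypass RLS, so these policies do not constrain the master client described in the question; on that path the id has to be taken from the verified session on the server rather than from a value the browser sends.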