abac AI Agent Skills
Browse 19 skills related to abac
securing-authentication
Authentication, authorization, and API security implementation. Use when building user systems, protecting APIs, or implementing access control. Covers OAuth 2.1/OIDC, JWT patterns, sessions, Passkeys/WebAuthn, RBAC/ABAC/ReBAC, policy engines (OPA, Casbin, SpiceDB), managed auth (Clerk, Auth0), self-hosted (Keycloak, Ory), and API security best practices.
auth-patterns
Use when implementing authentication (JWT, sessions, OAuth), authorization (RBAC, ABAC), password hashing, MFA, or security best practices for backend services.
TB2J
Guide for using TB2J command-line tools to calculate magnetic interaction parameters (J, DMI, etc.) from DFT outputs (Wannier90, Siesta, Abacus). Use this skill when the user asks about running TB2J commands, their parameters, inputs, or outputs.
write-tests
Write tests following project conventions. Use when adding new tests or modifying existing ones.
write-docs
Create or update documentation pages for the Abacus docs site. Use when adding new documentation, updating existing pages, or ensuring docs stay in sync with code changes. Ensures pages follow Starlight patterns and build correctly.
write-tip
Create or improve AI productivity tips and guides for the Abacus dashboard. Use when writing new tips, editing existing tips, or reviewing tip content for quality. Ensures tips follow the established format with scenarios, prompts, and proper structure.
db-migrate
Create database migrations using Drizzle Kit. Use when adding/modifying tables, columns, or indexes. Ensures schema.ts and migrations stay in sync.
Authorization Testing Patterns
Role-based and attribute-based access control testing including permission matrices, privilege escalation prevention, and resource-level authorization.
abacatepay
Help with AbacatePay payment integration in Next.js projects. Use when implementing PIX payments, managing subscriptions, handling webhooks, or debugging payment flows. Covers SDK usage, webhook verification, and billing management for Brazilian SaaS applications.
start-http-registry
Start the local HTTP registry server for development. Use when testing infra scripts or commands that need a Abacus work private overrides such as RPC URLS.
alibabacloud-rds-copilot
Use the Alibaba Cloud RDS Copilot API to help users with RDS-related intelligent Q&A, SQL optimization, instance operations & maintenance, and troubleshooting. You can directly call the script uv run ./scripts/call_rds_ai.py to obtain real-time results.
authn-authz-review
Workflow to review authentication and authorization flows (sessions, tokens, RBAC/ABAC) and produce fix guidance.
authorization-models
Comprehensive authorization guidance covering RBAC, ABAC, ACL, ReBAC, and policy-as-code patterns. Use when designing permission systems, implementing access control, or choosing authorization strategies.
auth
Authentication and authorization patterns including OAuth2, JWT, RBAC/ABAC, session management, API keys, password hashing, and MFA. USE WHEN: Implementing login flows, access control, identity management, tokens, permissions, session handling, API key authentication, or MFA. DO NOT USE: For security vulnerability scanning (use /security-scan), for security audits (use /security-audit), for threat modeling (use /threat-model). TRIGGERS: login, logout, signin, signup, authentication, authorization, password, credential, token, JWT, OAuth, OAuth2, OIDC, SSO, SAML, session, cookie, RBAC, ABAC, permissions, roles, MFA, 2FA, TOTP, API key, PKCE.
openstack-backup
OpenStack backup operations skill for protecting cloud infrastructure through systematic backup strategies and disaster recovery procedures. Covers database backups (MariaDB full and incremental with mariabackup), configuration backups (globals.yml, inventory, Fernet keys), volume snapshots (Cinder LVM snapshots), image exports (Glance), instance snapshots (Nova), backup encryption (GPG/OpenSSL), retention policies (daily/weekly/monthly rotation), restore procedures (database point-in-time recovery, service rebuild), RPO/RTO planning, and disaster recovery drills. Use when planning backup strategy, scheduling automated backups, testing restore procedures, or executing disaster recovery.
authorization-security
Authorization security standards covering RBAC, ABAC, policy enforcement, OAuth2 scopes, resource-based access control, and NIST 800-53 compliance (AC-3, AC-4, AC-6) for production systems
member-module
Member system NestJS module. Use when working with user authentication, JWT tokens, OAuth2 integration (Google/Facebook), RBAC/ABAC permission control, password policies, or Casbin integration. Keywords: member, user, authentication, authorization, permission, login, password, JWT, OAuth, Casbin, RBAC, ABAC, NestJS
paper-making
Handcraft paper from plant fibres — fibre harvesting, pulping, sheet forming with a mould and deckle, pressing, and drying. Covers fibre sources (cotton, kozo, abaca, recycled paper), beating methods, sizing, and decorative techniques. Use when making handmade paper for art, stationery, or bookbinding, when creating unique textured or embedded paper for special projects, or when learning traditional paper making as a craft practice.
paper-making
Handcraft paper from plant fibres — fibre harvesting, pulping, sheet forming with a mould and deckle, pressing, and drying. Covers fibre sources (cotton, kozo, abaca, recycled paper), beating methods, sizing, and decorative techniques. Use when making handmade paper for art, stationery, or bookbinding, when creating unique textured or embedded paper for special projects, or when learning traditional paper making as a craft practice.