Jeden Skill in Manus ausführen
mit einem Klick

Jeden Skill in Manus mit einem Klick ausführen

iii-worker-rbac

Sterne0

Forks0

Aktualisiert27. Mai 2026 um 02:11

Configure worker RBAC, filtered discovery, FORBIDDEN errors, registration hooks, auth functions, and safe browser/public worker-manager listeners in iii. Use when configuring permissions, tenant isolation, exposed functions, browser-safe worker access, or denied invocation behavior.

Installation

Mit Codex oder Claude installieren Kopieren Sie diesen Prompt, fügen Sie ihn in Codex, Claude oder einen anderen Assistant ein und lassen Sie die Skill-Seite prüfen und installieren.

In Manus ausführen

Quelle

ktg-one

ktg-one/content-hub

GitHub-Repository öffnen Creator-Repositorys ansehen

Download

In Manus ausführen

SKILL.md

readonly

name	iii-worker-rbac
description	Configure worker RBAC, filtered discovery, FORBIDDEN errors, registration hooks, auth functions, and safe browser/public worker-manager listeners in iii. Use when configuring permissions, tenant isolation, exposed functions, browser-safe worker access, or denied invocation behavior.

Worker RBAC

RBAC belongs on iii-worker-manager listeners. Use it to expose a constrained function surface to a worker or browser client while keeping the private engine worker port internal.

Core Concepts

Public or untrusted clients connect to an RBAC-enabled worker-manager listener, not the private worker port.
auth_function_id receives request connection data and returns an AuthResult.
Discovery is filtered: callers only see functions and trigger types they are allowed to use.
forbidden_functions override allowed lists and exposure filters.
Denied invocation returns FORBIDDEN.
A missing function and a forbidden function are different: missing means the engine has no callable registration; forbidden means policy denied access.

AuthInput

Auth functions receive:

headers
query_params
ip_address

Browsers cannot reliably send custom WebSocket headers, so browser auth usually comes from query params, cookies, or upstream session context.

AuthResult

Return:

allowed_functions: string[]
forbidden_functions: string[]
allowed_trigger_types?: string[]
allow_trigger_type_registration: boolean
allow_function_registration?: boolean
function_registration_prefix?: string
context: Record<string, unknown>

Access Resolution

If a function matches forbidden_functions, deny.
If it matches allowed_functions, allow.
Allow engine::channels::create so channels can be created on RBAC listeners.
If it matches configured expose_functions, allow.
Otherwise deny.

Registration Hooks

RBAC can affect registration as well as invocation:

on_trigger_registration_function_id
on_trigger_type_registration_function_id
on_function_registration_function_id

Use hooks to approve, deny, rewrite metadata, or enforce naming/prefix policy for registrations made through the listener.

function_registration_prefix transparently prefixes registered functions from that session. Agents should call the discovered/prefixed function IDs returned by discovery, not guessed unprefixed IDs.

Common Config Shape

workers:
  - name: iii-worker-manager
    config:
      listeners:
        - host: 127.0.0.1
          port: 49135
          rbac:
            auth_function_id: auth::browser-session
            expose_functions:
              - match("public::*")
            on_function_registration_function_id: policy::function-registration

Agent Behavior

Call discovery functions through the same listener the target client uses.
Treat FORBIDDEN as policy denial, not a retryable missing-worker problem.
Do not suggest installing a worker when the function exists but is forbidden.
When registration is denied, inspect registration hook results and policy config.
Use exposed metadata and allowed lists to choose callable functions.

Pattern Boundaries

For SDK error types, prefer iii-error-handling.
For browser connection behavior, prefer iii-browser-sdk.
For engine config layout, prefer iii-engine-config.

When to Use

Use this skill when the task mentions RBAC, permissions, auth functions, filtered discovery, FORBIDDEN, exposed functions, registration hooks, browser-safe worker access, or tenant-isolated function surfaces.

Boundaries

Do not expose the private worker WebSocket port to untrusted clients.
Do not hide policy denial by treating every failure as function_not_found.
Do not generate removed service APIs or adapter-extension APIs.

Mehr aus diesem Repository

gleiches Repository

hub

ktg-one/content-hub

KTG content marketing pipeline. Takes a written blog post and runs the full publishing workflow: repurpose for all platforms, generate hero image, SEO and AI citation optimisation, then pause for green-light before publishing to all channels via Composio. Local-first: uses Ollama for text tasks where quality allows, cloud for image gen and live data. Use when user says "hub", "/hub", "publish this", "run the pipeline", "post this everywhere".

2026-06-030

hub-swarm

ktg-one/content-hub

KTG content marketing pipeline — SWARM MODE. Orchestrates 7 plugins via parallel agent dispatch. Drop a post, get it published everywhere with maximum parallelism. Local-first: Ollama for text, cloud for images and live data. Agents run simultaneously, not sequentially.

2026-06-030

hub-swarm-v2

ktg-one/content-hub

KTG content marketing pipeline — SWARM MODE v2. Concrete 11-agent parallel pipeline using the Agent tool. Local-first: Ollama for text, cloud for images and publish. Drop a post, spawn agents, publish everywhere.

2026-06-030

iii-browser-sdk

ktg-one/content-hub

Browser SDK for connecting to the iii engine from web applications via WebSocket. Use when building browser-based clients that register functions, invoke triggers, or consume streams from the frontend.

2026-05-270

iii-channels

ktg-one/content-hub

Binary streaming between workers via channels. Use when building data pipelines, file transfers, streaming responses, or any pattern requiring binary data transfer between functions.

2026-05-270

iii-cron-scheduling

ktg-one/content-hub

Registers cron triggers with 7-field expressions to run functions on recurring schedules. Use when scheduling periodic jobs, timed automation, crontab replacements, cleanup routines, report generation, batch processing, or calendar-based work that is genuinely time-driven.

2026-05-270

name	iii-worker-rbac
description	Configure worker RBAC, filtered discovery, FORBIDDEN errors, registration hooks, auth functions, and safe browser/public worker-manager listeners in iii. Use when configuring permissions, tenant isolation, exposed functions, browser-safe worker access, or denied invocation behavior.

Worker RBAC

RBAC belongs on iii-worker-manager listeners. Use it to expose a constrained function surface to a worker or browser client while keeping the private engine worker port internal.

Core Concepts

Public or untrusted clients connect to an RBAC-enabled worker-manager listener, not the private worker port.
auth_function_id receives request connection data and returns an AuthResult.
Discovery is filtered: callers only see functions and trigger types they are allowed to use.
forbidden_functions override allowed lists and exposure filters.
Denied invocation returns FORBIDDEN.
A missing function and a forbidden function are different: missing means the engine has no callable registration; forbidden means policy denied access.

AuthInput

Auth functions receive:

headers
query_params
ip_address

Browsers cannot reliably send custom WebSocket headers, so browser auth usually comes from query params, cookies, or upstream session context.

AuthResult

Return:

allowed_functions: string[]
forbidden_functions: string[]
allowed_trigger_types?: string[]
allow_trigger_type_registration: boolean
allow_function_registration?: boolean
function_registration_prefix?: string
context: Record<string, unknown>

Access Resolution

If a function matches forbidden_functions, deny.
If it matches allowed_functions, allow.
Allow engine::channels::create so channels can be created on RBAC listeners.
If it matches configured expose_functions, allow.
Otherwise deny.

Registration Hooks

RBAC can affect registration as well as invocation:

on_trigger_registration_function_id
on_trigger_type_registration_function_id
on_function_registration_function_id

Use hooks to approve, deny, rewrite metadata, or enforce naming/prefix policy for registrations made through the listener.

Common Config Shape

workers:
  - name: iii-worker-manager
    config:
      listeners:
        - host: 127.0.0.1
          port: 49135
          rbac:
            auth_function_id: auth::browser-session
            expose_functions:
              - match("public::*")
            on_function_registration_function_id: policy::function-registration

Agent Behavior

Call discovery functions through the same listener the target client uses.
Treat FORBIDDEN as policy denial, not a retryable missing-worker problem.
Do not suggest installing a worker when the function exists but is forbidden.
When registration is denied, inspect registration hook results and policy config.
Use exposed metadata and allowed lists to choose callable functions.

Pattern Boundaries

For SDK error types, prefer iii-error-handling.
For browser connection behavior, prefer iii-browser-sdk.
For engine config layout, prefer iii-engine-config.

When to Use

Use this skill when the task mentions RBAC, permissions, auth functions, filtered discovery, FORBIDDEN, exposed functions, registration hooks, browser-safe worker access, or tenant-isolated function surfaces.

Boundaries

Do not expose the private worker WebSocket port to untrusted clients.
Do not hide policy denial by treating every failure as function_not_found.
Do not generate removed service APIs or adapter-extension APIs.