en un clic
authentication-setup
">"
Installer avec Codex ou Claude Copiez ce prompt, collez-le dans Codex, Claude ou un autre assistant, puis laissez-le vérifier la page du skill et l'installer pour vous.
Menu
">"
Installer avec Codex ou Claude Copiez ce prompt, collez-le dans Codex, Claude ou un autre assistant, puis laissez-le vérifier la page du skill et l'installer pour vous.
Basé sur la classification professionnelle SOC
Assist with Colibri: pure-C LLM inference engine for running GLM-5.2 (744B MoE) on consumer machines with ~25 GB RAM. Use when setting up, building, converting models, running inference, configuring expert streaming and caching, optimizing speculative decoding (MTP), GPU integration, and integrating Colibri into production pipelines. Includes build setup, model download & conversion, chat/inference modes, performance tuning, and API integration patterns.
Discover and apply curated prompts from the prompts.chat collection to optimize AI interactions. Use when refining prompt engineering, finding domain-specific prompt templates, improving response quality, or building prompt-based workflows. Triggers on: prompt optimization, prompt templates, prompt engineering, prompt library, curated prompts, prompt discovery, and AI prompt patterns.
Turn ONE topic into a finished Vox-style paper-collage explainer / ad video, end to end on the Atlas Cloud API + local ffmpeg — script, collage keyframes, motion, voice-over, music, captions, all automated. Use this whenever the user wants a "Vox style" video, a paper/torn-paper collage animation, a "motion collage", a narrated explainer or short ad built from AI-generated collage posters, a scrapbook-style tribute, or wants to turn a topic / product / person into a punchy narrated collage video — even if they don't say the word "Vox". Also use when reproducing Stav Zilber / rom1trs / Higgsfield-style collage ad workflows, or when the user asks for a motion collage or a scrapbook-style tribute. Triggers: "vox video", "collage video", "motion collage", "paper collage explainer", "make a collage ad", "turn this topic into a collage video".
Assist with Motion Previs Studio v4: a cross-platform desktop app for AI-film previsualization. Use when setting up, configuring, troubleshooting, or extending motion-previs-studio for pose extraction, depth mapping, camera motion solving, control layer export, and bundle production for AI-video workflows (Seedance, ComfyUI, Blender, Runway, Kling). Includes build setup, feature integration, UI/logic debugging, and export pipeline optimization.
Work with Lapian Notes / 拉片笔记 (github.com/bkingfilm/lapian-notes) — a local- first React/Vite tool that turns a film into an editable shot-by-shot study notebook: local frame extraction, AI-assisted structure analysis (bring your own AI, no API key required), story-line swimlane timeline, structure tree, and audience-emotion curve. Use when the user asks about Lapian Notes, "拉片笔记", "拉片" (shot-by-shot film analysis) tooling, cloning/running this repo (npm run dev, run.bat/run.command), the AI-analysis-package (ZIP) round-trip workflow, or contributing a PR to lapian-notes. Not for generic video editing (use `opencut` for that) or generic film-analysis theory unrelated to this codebase.
Set up, run, and contribute to TokHub (github.com/yaojingang/TokHub) — an open-source AI API relay monitoring, recommendation, and OpenAI-compatible gateway system with L1/L2/L3 channel health probing, usage metering, alerts, audit, and Docker self-hosting. Use when the user asks about TokHub, "AI API 中转站监控", cloning/running the Go + React monorepo (TOKHUB_ROLE, sqlc, TimescaleDB, NATS), the L1/L2/L3 probe algorithm, the OpenAI-compatible `/gateway/v1/*` endpoint, or contributing a PR to TokHub. Do not use for connecting a running agent to a live TokHub instance's own API (that is covered by the project's own bundled `agent-skills/tokhub` skill inside the TokHub repo, not this one).
| name | authentication-setup |
| description | > |
| license | MIT |
| compatibility | > |
| allowed-tools | Bash Read Write Edit Glob Grep |
| metadata | {"version":"2.1.0","modernization":"2026-04-14T00:00:00.000Z","structural_hardening":"2026-04-17T00:00:00.000Z","tags":"authentication-setup, auth, sessions, jwt, oauth, passkeys, sso, scim, product-auth, backend","platforms":"Claude, ChatGPT, Gemini"} |
Use this skill when the real job is choosing and structuring product authentication for a real app, not dumping JWT snippets or pretending authentication, authorization, security hardening, and docs are all the same task.
authentication-setup owns the setup layer for:
Read these support docs before choosing the lane or handoff:
api-designsecurity-best-practicesapi-designapi-documentationbackend-testingdatabase-schema-designNormalize the request first.
auth_setup_profile:
app_type: saas | internal-tool | marketplace | consumer-app | api-only | mixed | unknown
auth_lane: hosted | framework-native | platform-native | enterprise-add-on | self-hosted | unknown
runtimes: browser | server | edge | mobile | api | mixed
login_methods: password | magic-link | social-oauth | passkeys | sso | mixed | unknown
identity_scope: single-user | teams-orgs | b2b-enterprise | mixed | unknown
session_model: server-session | stateless-jwt | hybrid | unknown
data_ownership: vendor-owned | app-owned | hybrid | unknown
rollout_stage: greenfield | mvp | scale-up | migration | enterprise-expansion
Ask or infer:
Use auth-decision-matrix.md instead of rebuilding the landscape from memory.
Default lane chooser:
Rules:
Before implementation, state who owns what.
Minimum boundary packet:
Use boundary-checklist.md to keep the skill from drifting into neighboring lanes.
Use session-and-deployment-notes.md for the detailed heuristics.
Quick defaults:
Always record:
Even hosted auth rarely removes the need for local tables.
Usually define at least:
users or profilesorganizations / workspaces if multi-tenantmemberships / rolesRecord:
If the request slides into broader schema design, route deeper modeling to database-schema-design.
If the request includes SSO, SCIM, domain verification, existing-user linking, provider migration, or self-hosted cutover risk, use enterprise-and-migration-notes.md.
Name these items directly:
The output should help the next implementation step succeed.
Preferred packet:
Use this structure unless the user asks for another format:
# Authentication Setup Plan
## Auth lane
- chosen lane
- why it fits
## Recommended stack
- primary option
- fallback option
- tradeoffs
## Ownership boundary
- provider owns
- app owns
- shared edge / sync points
## Session + login model
- sessions vs JWT vs hybrid
- chosen login methods
- callback/cookie/runtime notes
## App-owned data model
- users/profiles
- orgs/memberships/roles
- sync strategy
## Environment + rollout checklist
- local
- preview/staging
- production
- migration notes
## Route-outs
- adjacent skills and why
Input:
Set up auth for a Next.js SaaS app with email login, Google OAuth, org roles, and an admin panel.
Expected handling:
Input:
We already use Supabase. Decide what auth should live in Supabase vs our app DB, and how roles should work.
Expected handling:
Input:
We already have login. Now add enterprise SSO and SCIM for B2B customers without rewriting our whole auth stack.
Expected handling:
authentication-setup stays reusable instead of becoming another backend catch-all.