nrpg-workflow

Use when working on NRPG Platform tasks to follow repo conventions (NextAuth cookie sessions, tenant safety, and contractor privacy) and to run the correct checks.

View SKILL.md on GitHub Repository

Stars 163

Forks 31

Install this agent skill to your Project

npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/productivity/nrpg-workflow

Metadata

Additional technical details for this skill

short description: NRPG workflow guardrails

SKILL.md

Follow these rules when implementing changes in this repository:

Auth (critical)

Use NextAuth cookie sessions for web UI flows.
Do not use localStorage tokens for auth in the UI.
In API routes, prefer getServerSession(authOptions) and server-side role checks.
Only allow Authorization: Bearer ... when explicitly required for non-browser clients.

Multi-tenancy & privacy (critical)

Never expose contractor identities to clients.
Clients must not be able to browse/search contractors or contact them directly.
Enforce role-based access for any contractor profile endpoints/pages.

Implementation workflow

Scan for auth-token usage (localStorage, Authorization: Bearer) and remove/limit as required.
Verify server-side auth checks in any modified app/api/**/route.ts.
Run targeted checks for the area changed:
- npm run lint
- npm test
- npm run build
Fix failures only if they are related to the change being made.

Maintainer

majiayu000 Core maintainer

Source details

Full Name: majiayu000/claude-skill-registry
Branch: main
Path in repo: skills/productivity/nrpg-workflow
License: MIT License

Join Our Newsletter

Stay updated with the latest AI tools, news, and offers by subscribing to our weekly newsletter.

Didn't find tool you were looking for?