SKILL-010 Security, testing, and operations Locked skill

Authorization strategy

Authorization is a decision, not a sprinkle of `if` statements — route every access check through one gate that denies by default.

01

What this skill helps you build

Centralize every access decision behind one deny-by-default authorize layer, called from every context function and scoped by tenant.

02

Inside this skill

The full skill expands these implementation areas with decisions, edge cases, prompts, tests, and framework-specific code.

What this helps you build

A single, auditable authorization layer: one place that answers "is this actor allowed to do this action on this resource?" Every context function asks that one gate before it tou

When to use this

Reach for a centralized authorization layer the moment access depends on more than "is this user logged in?" Concretely, you need it when you have: Roles or permissions owner, admi

The core idea

Every access decision goes through one function — call it `authorize/3` or `can?/3` — and that function denies by default. There is exactly one place that says "yes": the policy. Ever
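
A sketch of such a gate in Elixir, added here as an example and not taken from the skill's own code. The `Policy` and `Documents` modules, the map shapes, the `:member` role and the sample data are assumptions.

```elixir
defmodule Policy do
  # Hypothetical policy module: the only place that can answer "yes".
  # Using `t` in both patterns makes this clause match only when actor and
  # resource share a tenant; the guard stops nil == nil from counting.
  def authorize(%{tenant_id: t, role: role} = actor, action, %{tenant_id: t} = resource)
      when not is_nil(t) do
    if allow?(role, action, actor, resource), do: :ok, else: {:error, :forbidden}
  end

  # Other tenant, nil actor, malformed input: denied.
  def authorize(_actor, _action, _resource), do: {:error, :forbidden}

  # Explicit allow rules (roles and actions are constructed samples).
  defp allow?(:owner, _action, _actor, _resource), do: true
  defp allow?(:admin, action, _actor, _resource) when action in [:read, :update], do: true
  defp allow?(:member, :read, _actor, _resource), do: true
  defp allow?(:member, :update, %{id: id}, %{owner_id: id}) when not is_nil(id), do: true
  # Deny by default: unknown role, unknown action, no matching rule.
  defp allow?(_role, _action, _actor, _resource), do: false
end

defmodule Documents do
  # Hypothetical context; the list stands in for a table (constructed data).
  @docs [
    %{id: 1, tenant_id: "acme", owner_id: 10, title: "Plan"},
    %{id: 2, tenant_id: "globex", owner_id: 20, title: "Budget"}
  ]

  # Every context function asks the gate before returning data.
  def get_document(actor, id) do
    with %{} = doc <- Enum.find(@docs, &(&1.id == id)),
         :ok <- Policy.authorize(actor, :read, doc) do
      {:ok, doc}
    else
      # Choice made in this example: missing and forbidden look the same.
      _ -> {:error, :not_found}
    end
  end
end

# Each match raises MatchError if the gate answers differently.
member = %{id: 10, tenant_id: "acme", role: :member}
{:ok, %{title: "Plan"}} = Documents.get_document(member, 1)
{:error, :not_found} = Documents.get_document(member, 2)
{:error, :forbidden} = Policy.authorize(member, :delete, %{tenant_id: "acme", owner_id: 10})
{:error, :forbidden} = Policy.authorize(nil, :read, %{tenant_id: "acme"})
```

Because the catch-all clauses come last in both `authorize/3` and `allow?/4`, adding a new role or action grants nothing until an explicit rule is written for it.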
