AgentSkillsCN

user-onboarding

在 Google Workspace、Slack、Linear 以及 GitHub 上为新团队成员进行配置与管理。通过 GAM 创建邮箱账户,发送 Slack 工作区邀请,将用户添加至 Linear,并邀请加入 GitHub 组织。适用于新员工入职、创建用户账户,或为新团队成员进行初始配置时使用。可通过“入职用户”、“新团队成员”、“配置用户”、“添加员工”或“创建账户”等短语进行触发。

SKILL.md
--- frontmatter
name: user-onboarding
description: Provision new team members across Google Workspace, Slack, Linear, and GitHub. Creates email accounts with GAM, sends Slack workspace invites, adds users to Linear, and invites to GitHub organization. Use when onboarding new employees, creating user accounts, or setting up new team members. Triggers on "onboard user", "new team member", "provision user", "add employee", or "create accounts for".

User Onboarding

Provision new team members across multiple services: Google Workspace (email), Slack, Linear, and GitHub.

Prerequisites

Google Workspace (GAM)

Verify GAM is installed and authenticated:

bash
export PATH="$HOME/bin/gamadv-xtd3:$PATH"
gam version
gam info domain

If GAM is not installed:

bash
bash <(curl -s -S -L https://raw.githubusercontent.com/taers232c/GAMADV-XTD3/master/src/gam-install.sh)
gam oauth create

Slack

Slack invite requires manual action via the admin console (automated invites require Enterprise Grid plan).

The skill will open the Slack invite page using browser automation tools if available.

Linear

Linear user invites are done via the team settings page using browser automation.

Linear workspace: https://linear.app/certiv/settings/members

GitHub

GitHub organization invites use the gh CLI tool.

Verify gh CLI is installed and authenticated:

bash
gh auth status
gh org list

If not authenticated:

bash
gh auth login

GitHub organization: Certiv-ai

Workflow

Step 1: Gather User Information

Ask the user for (use AskUserQuestion tool):

Required:

  • First name
  • Last name
  • Username (used for email and Slack)
  • Personal email (for sending onboarding credentials)

Optional:

  • Organizational unit (Google Workspace)
  • Google groups to add
  • Slack channels to add

Step 2: Parse Arguments

If arguments are provided in format "First Last as username":

  • Extract first name, last name, and username
  • Example: "Paul Szabo as szabop" → First: Paul, Last: Szabo, Username: szabop

Step 3: Provision Google Workspace

Check if user exists

bash
export PATH="$HOME/bin/gamadv-xtd3:$PATH"
gam info user <username>@<domain> 2>&1

Generate password

bash
openssl rand -base64 12

Create user

bash
export PATH="$HOME/bin/gamadv-xtd3:$PATH"
gam create user <username>@<domain> \
  firstname "<first_name>" \
  lastname "<last_name>" \
  password "<password>" \
  changepassword on \
  org "<ou_path>"

Add to groups (if specified)

bash
export PATH="$HOME/bin/gamadv-xtd3:$PATH"
gam update group <group@domain> add member <username>@<domain>

Step 4: Provision Slack

Slack API invites require Enterprise Grid plan. For Pro/Free plans, use browser automation or manual invite.

Method A: Browser Automation (Preferred)

Use the Claude-in-Chrome MCP tools to automate the invite:

  1. Open the Slack invite page:
code
mcp__claude-in-chrome__navigate to https://certiv-workspace.slack.com/admin/invites
  1. Fill in the email field and submit the invite form

  2. Confirm the invite was sent

Method B: Manual Invite

If browser automation is unavailable, provide the user with instructions:

Slack Invite Required:

  1. Open: https://certiv-workspace.slack.com/admin/invites
  2. Enter email: <email>
  3. Click "Send"

Or use invite link if workspace has one enabled.

Step 5: Provision Linear

Linear workspace invites require manual action through the app.

Invite Steps

  1. Open Linear and press Cmd+K (or Ctrl+K) to open command palette
  2. Type "invite" and select "Invite people to workspace"
  3. Enter the user's email address: <username>@certiv.ai
  4. Select role: Member
  5. Click "Send invites"

Alternative:

Note: The new user must first be invited to the WORKSPACE before they can be added to specific teams. Once they accept the invite, they'll appear in the team members list.

Step 6: Provision GitHub

Invite the user to the GitHub organization using the gh CLI.

Check Authentication

bash
gh auth status

Invite to Organization

bash
gh api orgs/Certiv-ai/invitations -X POST -f email="<username>@certiv.ai" -f role=direct_member

Roles available:

  • direct_member - Regular member (default)
  • admin - Organization administrator
  • billing_manager - Billing manager only

Alternative: Browser Method

If the gh CLI is not available or the API call fails:

  1. Open: https://github.com/orgs/Certiv-ai/people
  2. Click "Invite member"
  3. Enter email: <username>@certiv.ai
  4. Select role: Member
  5. Click "Send invitation"

Verify Invitation Sent

bash
gh api orgs/Certiv-ai/invitations --jq '.[].email'

Step 7: Send Welcome Email

Send a welcome email to the new user's personal email with their onboarding information.

Important: Send to personal email, not Certiv email - they need the password to access their Certiv account!

Using GAM (Preferred)

bash
export PATH="$HOME/bin/gamadv-xtd3:$PATH"
gam sendemail <personal_email> subject "Welcome to Certiv - Your Account Information" message "
Hi <first_name>,

Welcome to Certiv! Your accounts have been created and you're ready to get started.

=== YOUR ACCOUNTS ===

📧 EMAIL
   Address: <username>@certiv.ai
   Temporary Password: <password>
   Sign in: https://mail.google.com
   ⚠️ You must change your password on first login

💬 SLACK
   Workspace: certiv-workspace.slack.com
   Check your email for an invitation to join

📋 LINEAR (Project Management)
   Check your email for an invitation to join
   URL: https://linear.app/certiv

🐙 GITHUB
   Check your email for an invitation to join
   Organization: https://github.com/Certiv-ai

=== GETTING STARTED ===

1. Sign into Google (mail.google.com) with your new email and temporary password
2. Change your password when prompted
3. Accept the Slack invitation from your email
4. Accept the Linear invitation from your email
5. Accept the GitHub invitation from your email
6. Set up 2-factor authentication for all accounts

=== NEED HELP? ===

If you have any questions or issues, reach out to IT support.

Welcome aboard!
"

Using Google Workspace MCP Tools (Alternative)

If the mcp__google_workspace__send_gmail_message tool is available:

code
mcp__google_workspace__send_gmail_message
  user_google_email: "admin@certiv.ai"
  to: "<personal_email>"
  subject: "Welcome to Certiv - Your Account Information"
  body: [welcome message content]

Email Template Variables

Replace these placeholders in the email:

  • <personal_email> - The user's personal email address
  • <username> - The user's username (e.g., szabop)
  • <first_name> - The user's first name
  • <password> - The temporary password generated earlier

Step 8: Summary Report

Provide a comprehensive summary:

markdown
## User Onboarded Successfully

### Google Workspace
| Field | Value |
|-------|-------|
| Email | username@certiv.ai |
| Name | First Last |
| Temporary Password | `[password]` |
| Groups | group1, group2 |

### Slack
| Field | Value |
|-------|-------|
| Invite sent to | username@certiv.ai |
| Status | Pending acceptance |

### Linear
| Field | Value |
|-------|-------|
| Invite sent to | username@certiv.ai |
| Role | Member |
| Status | Pending acceptance |

### GitHub
| Field | Value |
|-------|-------|
| Organization | Certiv-ai |
| Invite sent to | username@certiv.ai |
| Role | direct_member |
| Status | Pending acceptance |

### Welcome Email
| Field | Value |
|-------|-------|
| Sent to | personal@email.com (personal email) |
| Contains | Account credentials, setup instructions |

### Next Steps for User
1. Check email for welcome message with credentials
2. Sign into Google and change password
3. Accept Slack invite from email
4. Accept Linear invite from email
5. Accept GitHub invite from email
6. Set up 2-factor authentication

Quick Commands Reference

Google Workspace

bash
export PATH="$HOME/bin/gamadv-xtd3:$PATH"

# List users
gam print users

# User info
gam info user <email>

# Reset password
gam update user <email> password "$(openssl rand -base64 12)" changepassword on

# List groups
gam print groups

# Add to group
gam update group <group> add member <email>

Slack

Slack invite page: https://certiv-workspace.slack.com/admin/invites

Note: Automated Slack invites via API require Enterprise Grid plan. Pro/Free plans must use the admin console.

Linear

Invite via command palette: Cmd+K → type "invite" → "Invite people to workspace"

Team members page: https://linear.app/certiv/settings/teams/CER/members

Note: Users must first be invited to the workspace before they can be added to teams. Use Cmd+K and search for "invite" to find the invite dialog.

GitHub

bash
# Check auth status
gh auth status

# Invite user to organization
gh api orgs/Certiv-ai/invitations -X POST -f email="user@certiv.ai" -f role=direct_member

# List pending invitations
gh api orgs/Certiv-ai/invitations --jq '.[].email'

# List organization members
gh api orgs/Certiv-ai/members --jq '.[].login'

# Remove a pending invitation (if needed)
gh api orgs/Certiv-ai/invitations/{invitation_id} -X DELETE

Organization members page: https://github.com/orgs/Certiv-ai/people

Error Handling

Google Workspace Errors

  • "User already exists": Offer to update or choose different username
  • "Invalid org unit": List available OUs with gam print orgs
  • "Authentication error": Run gam oauth create

Security Notes

  • Never display passwords in final output (show once, then redact)
  • Use changepassword on to force Google password change on first login