AgentSkillsCN

saas-crm-foundation

构建轻量级威胁模型与安全检查清单;针对身份认证、授权控制以及数据边界,实施相应的缓解措施与测试方案。

SKILL.md
--- frontmatter
name: saas-crm-foundation
description: Implement SaaS/CRM primitives: tenancy, RBAC, audit, idempotency, integrations readiness.

SaaS/CRM Foundation

Goal

Scaffold platform primitives expected from senior SaaS/CRM systems.

When to use

  • Building a CRM/SaaS.
  • Need tenancy, permissions, audit, integrations.

Minimal inputs (ask only if missing)

  • Tenancy model (default tenant-ready).
  • Role expectations.

Procedure (MUST)

  1. Enforce tenant scoping.
  2. Define RBAC/ABAC and enforcement.
  3. Implement audit logging.
  4. Ensure idempotency for writes/webhooks.
  5. Add abuse controls.
  6. Document API contracts.

Outputs (MUST produce)

  • Tenancy strategy.
  • AuthZ enforced.
  • Audit log.
  • Integration primitives.