A comprehensive skill for AI agents to author, review, and refactor OpenFGA authorization models following best practices.
npx skills add openfga/agent-skillsThis skill provides guidelines and patterns for:
- Authorization Model Design - Types, relations, and permission structures
- Relationship Patterns - Direct, concentric, indirect, and conditional relationships
- Testing & Validation -
.fga.yamltest files and CLI usage - Custom Roles - User-defined roles and role assignments
- SDK Integration - Code examples for JavaScript, Go, Python, Java, and .NET
| Category | Impact | Description |
|---|---|---|
| Core Concepts | CRITICAL | Types, relations, tuples, schema basics |
| Relationship Definitions | CRITICAL | Direct, concentric, indirect patterns |
| Testing & Validation | HIGH | .fga.yaml structure, assertions, CLI |
| Model Design | HIGH | Permissions, hierarchies, naming |
| Custom Roles | MEDIUM | User-defined and resource-specific roles |
| Optimization | MEDIUM | Simplification, tuple minimization |
| SDK Integration | HIGH | Language-specific client usage |
The skill triggers when working with:
.fgamodel files.fga.yamltest files- OpenFGA relationship definitions
- Permission structures and authorization logic
- OpenFGA SDK code in any supported language
Includes complete examples for:
- JavaScript/TypeScript -
@openfga/sdk - Go -
github.com/openfga/go-sdk - Python -
openfga_sdk(async and sync) - Java -
dev.openfga:openfga-sdk - .NET -
OpenFga.Sdk
openfga/
├── SKILL.md # Quick reference and metadata
├── AGENTS.md # Comprehensive guide for agents
├── README.md # This file
└── rules/
├── core-*.md # Core concept rules
├── relation-*.md # Relationship pattern rules
├── test-*.md # Testing rules
├── design-*.md # Design pattern rules
├── roles-*.md # Custom role rules
├── optimize-*.md # Optimization rules
├── workflow-*.md # Workflow rules
└── sdk-*.md # SDK-specific rules
The AGENTS.md file is generated from the individual rule files in rules/. To regenerate it after making changes:
node scripts/build-agents-md.jsThe script reads:
- Section order and rule order from
skills/openfga/SKILL.md - Individual rule content from
skills/openfga/rules/*.md
When adding new rules:
- Create the rule file in
rules/with the appropriate prefix (e.g.,core-,relation-,test-) - Add the rule to the corresponding section in
SKILL.mdunder Quick Reference - Run the build script to regenerate
AGENTS.md
Once installed, AI agents will automatically apply these best practices when:
- Creating new OpenFGA models
- Reviewing existing authorization code
- Writing relationship tuples
- Implementing permission checks in application code
- Setting up model tests
APACHE 2.0