access-control-matrix
Design RBAC/ABAC policies and permission boundaries.
Best use case
access-control-matrix is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Design RBAC/ABAC policies and permission boundaries.
Teams using access-control-matrix should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/access-control-matrix/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How access-control-matrix Compares
| Feature / Agent | access-control-matrix | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Design RBAC/ABAC policies and permission boundaries.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Access Control Matrix ## Purpose - Design RBAC/ABAC policies and permission boundaries. ## Preconditions - Access to system context (repos, infra, environments) - Confirmed requirements and constraints - Required approvals for security, compliance, or governance ## Inputs - Problem statement and scope - Current architecture or system constraints - Non-functional requirements (performance, security, compliance) - Target stack and environment ## Outputs - Design or implementation plan - Required artifacts (diagrams, configs, specs, checklists) - Validation steps and acceptance criteria ## Detailed Step-by-Step Procedures 1. Clarify scope, constraints, and success metrics. 2. Review current system state, dependencies, and integration points. 3. Select patterns, tools, and architecture options that match constraints. 4. Produce primary artifacts (docs/specs/configs/code stubs). 5. Validate against requirements and known risks. 6. Provide rollout and rollback guidance. ## Decision Trees and Conditional Logic - If compliance or regulatory scope applies -> add required controls and audit steps. - If latency budget is strict -> choose low-latency storage and caching. - Else -> prefer cost-optimized storage and tiering. - If data consistency is critical -> prefer transactional boundaries and strong consistency. - Else -> evaluate eventual consistency or async processing. ## Error Handling and Edge Cases - Partial failures across dependencies -> isolate blast radius and retry with backoff. - Data corruption or loss risk -> enable backups and verify restore path. - Limited access to systems -> document gaps and request access early. - Legacy dependencies with limited change tolerance -> use adapters and phased rollout. ## Tool Requirements and Dependencies - CLI and SDK tooling for the target stack - Credentials or access tokens for required environments - Diagramming or spec tooling when producing docs ## Stack Profiles - Use Profile A, B, or C from `skills/STACK_PROFILES.md`. - Note selected profile in outputs for traceability. ## Validation - Requirements coverage check - Security and compliance review - Performance and reliability review - Peer or stakeholder sign-off ## Rollback Procedures - Revert config or deployment to last known good state. - Roll back database migrations if applicable. - Verify service health, data integrity, and error rates after rollback. ## Success Metrics - Measurable outcomes (latency, error rate, uptime, cost) - Acceptance thresholds defined with stakeholders ## Example Workflows and Use Cases - Minimal: apply the skill to a small service or single module. - Production: apply the skill to a multi-service or multi-tenant system.
Related Skills
adb-android-control
Comprehensive Android device control via ADB (Android Debug Bridge). Use when user asks about: Android device management, app installation/uninstallation, APK operations, package management, file transfer (push/pull), screenshots, screen recording, input simulation (tap/swipe/text/keyevents), shell commands, logcat viewing, device info (battery/memory/storage), automation scripts, wireless ADB connection, scrcpy mirroring. Keywords: adb, android, phone, tablet, device, apk, install app, uninstall app, screenshot, screen record, tap, swipe, type text, keyevent, logcat, push file, pull file, shell, package, activity, intent, broadcast, dumpsys, getprop, settings, input, sendevent, monkey, am start, pm list, device info, battery status, wireless adb, connect device.
accessing-google-workspace
gcloud CLI を使用して Google Sheets/Docs にアクセス。 ユーザーが Google Sheets/Docs の URL を共有したとき、または スプレッドシート, Sheets, Docs, Google ドキュメントに言及したときに使用。
accessing-github
Performs git operations and interacts with GitHub. Used when git-related operations are needed, including: git commands (commit, push, pull, branch, merge, etc.), GitHub API interactions, gh CLI operations, pull request operations, issue analysis and operations.
accessing-github-repos
GitHub repository access in containerized environments using REST API and credential detection. Use when git clone fails, or when accessing private repos/writing files via API.
accessible-web-dev
Build WCAG 2.1 AA compliant web applications for University of Sheffield. Covers semantic HTML, ARIA patterns, form accessibility, keyboard navigation, color contrast, alt text, captions, and automated testing. Use when creating websites, web apps, forms, interactive components, or auditing accessibility for WCAG compliance, screen readers, keyboard access, or inclusive design.
accessible-notifications
Guidance for accessible user notifications and feedback. AUTO-TRIGGER when implementing: toasts, snackbars, notifications, alerts, flash messages, status messages, success/error feedback, or any transient UI messages. Triggers include: "toast", "snackbar", "notification", "flash message", "notify user", "show success", "show error", "feedback message", "status update", "auto-dismiss", "popup message". Use this skill BEFORE implementing any toast-like patterns to ensure accessibility compliance.
accessible-motion
Use when implementing reduced motion alternatives, vestibular-safe animations, WCAG compliance, or designing for users with motion sensitivity.
accessibility
Build WCAG 2.1 AA compliant websites with semantic HTML, proper ARIA, focus management, and screen reader support. Includes color contrast (4.5:1 text), keyboard navigation, form labels, and live regions. Use when implementing accessible interfaces, fixing screen reader issues, keyboard navigation, or troubleshooting "focus outline missing", "aria-label required", "insufficient contrast".
accessibility-wcag
Build accessible web applications following WCAG 2.1/2.2 guidelines with proper semantic HTML, ARIA attributes, keyboard navigation, screen reader support, and inclusive design. Use when implementing ARIA labels and roles, ensuring keyboard navigation, supporting screen readers, providing text alternatives for images, managing focus, creating accessible forms, building inclusive UI components, testing with accessibility tools, meeting WCAG compliance levels, or designing for users with disabilities.
accessibility-validation
Validate digital outputs for compliance with accessibility standards (e.g., WCAG, Section 508). Use when reviewing reports, dashboards, documents, or interfaces from pilot projects to identify and remediate accessibility barriers.
accessibility-ux-audit
Audit and enhance accessibility and UX across all pages and components.
accessibility-testing
WCAG 2.2 compliance testing, screen reader validation, and inclusive design verification. Use when ensuring legal compliance (ADA, Section 508), testing for disabilities, or building accessible applications for 1 billion disabled users globally.