npm - @luanpdd/kit-mcp - Versions diffs - 1.19.0 → 1.21.0 - Mend

@luanpdd/kit-mcp 1.19.0 → 1.21.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (35) hide show

package/README.md +1 -1
package/gates/dept-cycle-prevention.md +179 -0
package/gates/multi-tenant-rls-coverage.md +102 -0
package/gates/service-role-not-in-user-facing.md +113 -0
package/kit/agents/audit-log-implementer.md +175 -0
package/kit/agents/b2b-saas-architect.md +156 -0
package/kit/agents/crm-pipeline-implementer.md +150 -0
package/kit/agents/evolution-go-integrator.md +179 -0
package/kit/agents/invite-flow-implementer.md +137 -0
package/kit/agents/lgpd-compliance-auditor.md +206 -0
package/kit/agents/multi-tenant-isolation-auditor.md +243 -0
package/kit/agents/multi-tenant-rls-writer.md +262 -0
package/kit/agents/org-onboarding-implementer.md +202 -0
package/kit/agents/super-admin-implementer.md +182 -0
package/kit/commands/burn-rate-status.md +237 -121
package/kit/commands/multi-tenant.md +163 -0
package/kit/file-manifest.json +31 -4
package/kit/skills/_shared-multi-tenant/glossary.md +186 -0
package/kit/skills/audit-log-multi-tenant/SKILL.md +334 -0
package/kit/skills/b2b-saas-architecture/SKILL.md +300 -0
package/kit/skills/crm-lead-pipeline-patterns/SKILL.md +326 -0
package/kit/skills/evolution-go-whatsapp-integration/SKILL.md +322 -0
package/kit/skills/lgpd-multi-tenant-compliance/SKILL.md +340 -0
package/kit/skills/member-invite-flow/SKILL.md +305 -0
package/kit/skills/member-management-react-shadcn/SKILL.md +328 -0
package/kit/skills/multi-tenant-performance-scaling/SKILL.md +312 -0
package/kit/skills/multi-tenant-rls-hierarchy/SKILL.md +338 -0
package/kit/skills/org-onboarding-flow/SKILL.md +257 -0
package/kit/skills/org-switcher-react-pattern/SKILL.md +349 -0
package/kit/skills/permission-gate-react-pattern/SKILL.md +271 -0
package/kit/skills/rbac-permissions-matrix-supabase/SKILL.md +301 -0
package/kit/skills/super-admin-platform-pattern/SKILL.md +322 -0
package/kit/skills/whatsapp-conversation-state-machine/SKILL.md +287 -0
package/package.json +6 -2
package/src/mcp-server/index.js +34 -3

package/kit/commands/multi-tenant.md ADDED Viewed

@@ -0,0 +1,163 @@
+---
+name: multi-tenant
+description: Orquestrador da Suíte Multi-Tenant SaaS B2B — dispatch para agents especializados (architect, rls, onboarding, invite, super-admin, audit-log, whatsapp, crm, lgpd, isolation-audit) com sinônimos PT/EN.
+argument-hint: "<subcomando> [args...]"
+allowed-tools:
+  - Read
+  - Write
+  - Bash
+  - Grep
+  - Glob
+  - Task
+  - AskUserQuestion
+---
+<objective>
+Orquestrador único da Suíte Multi-Tenant SaaS B2B v1.21. Recebe um subcomando e args, faz dispatch via `Task(subagent_type=<multi-tenant-agent>)` para o agent especializado correto. É o **único ponto de chain de agents da Suíte Multi-Tenant** — agents permanecem função pura (anti-pitfall A10 v1.8).
+**Cross-Suite Invocation Pattern (introduzido v1.21):** Agents da Suíte Multi-Tenant **delegam para agents da Suíte Supabase v1.8** quando precisam materializar SQL, Edge Functions, RLS policies, Realtime, Storage. Padrão canônico:
+- `b2b-saas-architect` → delega plano de migration para `supabase-migration-writer`
+- `multi-tenant-rls-writer` → herda anti-pitfalls de `supabase-rls-writer` via cross-ref
+- `evolution-go-integrator` → delega Edge Function code para `supabase-edge-fn-writer`
+- `audit-log-implementer` → usa skill `supabase-cron-queues` para retention scheduling
+- `org-onboarding-implementer` → invoca `supabase-migration-writer` para migration + `supabase-edge-fn-writer` para wizard
+**Cria/Atualiza:** o que cada agent invocado cria/atualiza (skills consultadas, migrations propostas, Edge Functions, agents implementers).
+**Após:** o usuário tem o output do agent (plano, código, SQL, ou veredito de auditoria).
+</objective>
+<execution_context>
+Skills consultadas pelos agents: `kit/skills/{b2b-saas-architecture,multi-tenant-rls-hierarchy,rbac-permissions-matrix-supabase,multi-tenant-performance-scaling,org-onboarding-flow,member-invite-flow,super-admin-platform-pattern,audit-log-multi-tenant,lgpd-multi-tenant-compliance,evolution-go-whatsapp-integration,whatsapp-conversation-state-machine,crm-lead-pipeline-patterns,org-switcher-react-pattern,permission-gate-react-pattern,member-management-react-shadcn}/SKILL.md` + `kit/skills/_shared-multi-tenant/glossary.md` + cross-ref ATIVO para `kit/skills/_shared-supabase/glossary.md`.
+Agents disponíveis (Suíte Multi-Tenant v1.21): `kit/agents/{b2b-saas-architect,multi-tenant-rls-writer,multi-tenant-isolation-auditor,lgpd-compliance-auditor,org-onboarding-implementer,invite-flow-implementer,super-admin-implementer,audit-log-implementer,evolution-go-integrator,crm-pipeline-implementer}.md`.
+Agents Suíte Supabase v1.8 invocados via cross-suite delegation: `supabase-architect`, `supabase-migration-writer`, `supabase-rls-writer`, `supabase-edge-fn-writer`, `supabase-realtime-implementer`, `supabase-storage-implementer`, `supabase-auth-bootstrapper`.
+</execution_context>
+<context>
+**Argumentos:** `$ARGUMENTS` — primeiro token é o subcomando; restante é passado para o agent como prompt.
+**Subcomandos suportados (sinônimos PT-BR/EN):**
+| Subcomando | Sinônimos | Agent dispatched |
+|---|---|---|
+| `arquiteto` | `architect`, `arch` | `b2b-saas-architect` |
+| `rls-tenant` | `rls`, `policies` | `multi-tenant-rls-writer` |
+| `isolation-audit` | `audit-tenancy`, `auditar-tenancy` | `multi-tenant-isolation-auditor` |
+| `lgpd-audit` | `lgpd`, `compliance`, `compliance-audit` | `lgpd-compliance-auditor` |
+| `onboarding` | `org`, `onboard` | `org-onboarding-implementer` |
+| `convite` | `invite`, `invitation` | `invite-flow-implementer` |
+| `super-admin` | `admin`, `platform-admin` | `super-admin-implementer` |
+| `audit-log` | `audit`, `auditoria-log` | `audit-log-implementer` |
+| `whatsapp` | `evolution-go`, `wpp`, `evolution` | `evolution-go-integrator` |
+| `crm` | `pipeline`, `crm-pipeline`, `leads` | `crm-pipeline-implementer` |
+| `help` | `ajuda`, `?` | exibe esta tabela inline |
+**Aliases globais para o nome da suíte:** `multi-tenant`, `b2b`, `tenant`, `escritorio`, `tenancy` (todos roteiam para este orquestrador via `/multi-tenant`).
+**Detect `supabase/config.toml`:** se presente, extrai `project_id` e passa como contexto para o agent (mesmo pattern de `/supabase` v1.8).
+</context>
+<process>
+## 1. Parsear Subcomando
+```bash
+SUBCMD=$(echo "$ARGUMENTS" | awk '{print $1}')
+ARGS=$(echo "$ARGUMENTS" | cut -d' ' -f2-)
+```
+**Se `$ARGUMENTS` for vazio ou `SUBCMD` for `help`/`ajuda`/`?`:** exibir tabela de subcomandos inline + exemplo de uso. Sair.
+## 2. Resolver Sinônimos
+Mapear `SUBCMD` para agent name canônico:
+```
+arquiteto, architect, arch                     → b2b-saas-architect
+rls-tenant, rls, policies                      → multi-tenant-rls-writer
+isolation-audit, audit-tenancy, auditar-tenancy → multi-tenant-isolation-auditor
+lgpd-audit, lgpd, compliance, compliance-audit → lgpd-compliance-auditor
+onboarding, org, onboard                       → org-onboarding-implementer
+convite, invite, invitation                    → invite-flow-implementer
+super-admin, admin, platform-admin             → super-admin-implementer
+audit-log, audit, auditoria-log                → audit-log-implementer
+whatsapp, evolution-go, wpp, evolution         → evolution-go-integrator
+crm, pipeline, crm-pipeline, leads             → crm-pipeline-implementer
+```
+**Se subcomando não resolve:** exibir erro inline com lista de subcomandos válidos. Sair.
+```
+✗ Subcomando desconhecido: '<SUBCMD>'
+Subcomandos válidos:
+  arquiteto / architect       → projetar schema multi-tenant + RLS hierarchy + RBAC matrix antes de implementar
+  rls-tenant / rls            → gerar policies RLS hierárquicas (org/dept/role/permission/super-admin)
+  isolation-audit / audit-tenancy → auditar gaps de isolamento cross-tenant (RLS missing, JOIN cross-tenant)
+  lgpd / compliance           → auditar gaps LGPD per-tenant (DSR, consent, erasure, retention)
+  onboarding / org            → fluxo signup → criar org → primeiro admin → setup wizard
+  convite / invite            → token-based invite + accept flow + role assignment
+  super-admin / admin         → cross-tenant view + impersonation + audit obrigatório
+  audit-log / audit           → tabela append-only + retention pg_cron + PII sanitization
+  whatsapp / evolution-go     → webhooks Evolution Go + Meta Cloud + HMAC + idempotency
+  crm / pipeline              → state machine PG triggers + ownership transfer + lead dedup
+  help / ajuda / ?            → exibe tabela de subcomandos
+Uso: /multi-tenant <subcomando> <args...>
+Exemplos:
+  /multi-tenant arquiteto "app B2B advocacia com escritorios + departamentos"
+  /multi-tenant rls "gerar policies hierárquicas para tabela leads"
+  /multi-tenant whatsapp "webhook Evolution Go para org acme"
+  /multi-tenant lgpd "auditar gaps LGPD do projeto"
+```
+## 3. Detectar `supabase/config.toml`
+```bash
+if [ -f supabase/config.toml ]; then
+  PROJECT_ID=$(grep -E '^project_id\s*=' supabase/config.toml | sed 's/.*= *"\(.*\)".*/\1/' | head -1)
+fi
+```
+Se presente, anexar `project_id=<value>` ao prompt do agent. Se ausente, agent funciona sem.
+## 4. Dispatch
+Invocar `Task(subagent_type=<agent_name>, prompt=<built_prompt>)`.
+**Prompt construído:**
+```
+{ARGS}
+{Se project_id detectado:}
+project_id: {PROJECT_ID}
+{Para arquiteto: tier upfront via AskUserQuestion}
+{caller: pergunte ao user via AskUserQuestion sobre tier (Free/Pro/Team) e branches antes de produzir o plano — mesmo pattern do supabase-architect Step 1}
+```
+**Subcomando `arquiteto`:** antes de dispatch, faça `AskUserQuestion` perguntando tier (Free/Pro/Team/Enterprise) e se vai usar branches Supabase. Inclua resposta no prompt. (Cross-suite delegation: o `b2b-saas-architect` invoca `supabase-architect` no final via Task() handoff para a parte tier/branches/realtime.)
+**Subcomando `isolation-audit`:** dispatch para `multi-tenant-isolation-auditor` que requer MCP Supabase ativo. Se MCP indisponível, agent declara modo offline e produz checklist baseado apenas em arquivos do repo (sem `pg_class` query).
+**Subcomando `lgpd`:** mesma lógica — agent funciona offline mas perde precisão sem MCP.
+## 5. Output
+Output do agent é o output do command. Sem post-processing — agent já formata estruturado.
+</process>
+<success_criteria>
+- [ ] Subcomando resolvido para agent canônico (10 subcomandos × seus sinônimos)
+- [ ] `project_id` extraído de `supabase/config.toml` se presente
+- [ ] Subcomando `arquiteto` faz `AskUserQuestion` upfront sobre tier + branches
+- [ ] Dispatch via `Task(subagent_type=...)` — único ponto de chain de agents da Suíte Multi-Tenant
+- [ ] Subcomando inválido → mensagem clara com lista
+- [ ] Subcomando `help`/`ajuda`/`?` → exibe tabela inline
+- [ ] Args após subcomando passam transparentemente para o agent
+- [ ] Cross-suite invocation documentada (agents v1.21 → agents v1.8)
+</success_criteria>

package/kit/file-manifest.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
-  "version": "1.19.0",
-  "timestamp": "2026-05-09T17:53:53.960Z",
+  "version": "1.21.0",
+  "timestamp": "2026-05-10T15:32:12.077Z",
   "files": {
     "COMANDOS.md": "d24ec61a6ec35db314cc5f2ae287bfb927b794789c8f1d558c55862f5e6534b2",
     "COMPATIBILITY.md": "794e336a87045cdf0161785b9a7a0975a49abbd80bdd816b8852251fcc8126ca",
@@ -8,21 +8,30 @@
     "agents/advisor-researcher.md": "2ecc52247af1f379c7d0a85847a966095f71d8e5a6140f62611f04c9e4fe264b",
     "agents/ai-mutation-tester.md": "bbdedc2d41440340c403bf4b71fb902eec057f3771667703c32309885aa4f4db",
     "agents/assumptions-analyzer.md": "b730268a8c588bc16e30330df874f64d1dc0bbd4573e696f7a316ea9e4c1f57c",
+    "agents/audit-log-implementer.md": "b8520400c6dfd27ec3675ee84fdac6f8bddb314e4800b6edcac9bbc761a726ae",
+    "agents/b2b-saas-architect.md": "6e613518b6c101a1d7cf0d86ef9337347662db863e47a492c3a2415a9b43ec3d",
     "agents/burn-rate-forecaster.md": "a4f2efccc7073ef0ab1a225895f68dff7c95d4f9e1c04319569cad47c13dffac",
     "agents/cascading-failures-auditor.md": "6c44929a90a2fc59d3ba59dd67814a85dc08f1b86d41933c5f19cefc8d33bdd5",
     "agents/codebase-mapper.md": "e1500018c3c67c8408f6b9fbc2543221d69c2884083d14327fe27e751fc920bc",
+    "agents/crm-pipeline-implementer.md": "bf097760f52a7d30e329c8e3049676efebfd677d40a29e05e0e961e2128e4d1f",
     "agents/debugger.md": "bc9bf46863af9028920780f21894778f3c07f1f02dc2ad84246520f54d33a6f0",
+    "agents/evolution-go-integrator.md": "841b0d1fa1c962def8d47f8dc159a21a896a7fa6d7888eb42b6827d0bcab53e6",
     "agents/example-reviewer.md": "cad1dcd4cafffc73e96de653809fdc2a9a8b1d8dc51865efd4d1daaf4284755f",
     "agents/executor.md": "bc3af696fd820d32b0c5742c3c27a5f0ae527ae1627fb967b549ac193b34a853",
     "agents/golden-signals-instrumenter.md": "de85b79ea09157ccc37c2de0facc3e6d4b9dba087e780330bc78be9ddd447297",
     "agents/incident-investigator.md": "521fcd4add75d2d4668162d19373823a9826bc45f23afdaf813b19f34113082d",
     "agents/integration-checker.md": "15c2badc2a8b650b7229e9ba32f481b08370afd3b80f41c7ae1c4cda7652811e",
+    "agents/invite-flow-implementer.md": "8ed29134ef89b1464df618c5ee9e7bbc9e2a28d235f72614f4a9b6535c2a38ed",
     "agents/legacy-characterizer.md": "1e9da6e7a0518a19788052e60554740f582fa2cd27b8dc1dc73251df3e712714",
+    "agents/lgpd-compliance-auditor.md": "ddde11f1867340b7e10c336696157538d1666df97997fcedc4dcaf997937fc56",
     "agents/load-shedding-instrumenter.md": "63db224e3d8033a18cfe47ec8fc631685e356bf456d98b35c9c5d42d80fc5630",
+    "agents/multi-tenant-isolation-auditor.md": "eb4546c339469b5c9928786071a28807db38ec3e18213001e12a58e179938b2d",
+    "agents/multi-tenant-rls-writer.md": "cd23e46cf5d00ed09bf1a1a1f51f517d75531d1a9078d46239eab4abcd67de20",
     "agents/nyquist-auditor.md": "1d7590f356714eaacbdc92831dd100f9ca230a9c461e34223eb4bdf67ebaf076",
     "agents/observability-coverage-auditor.md": "e2c68e145182446ec47753b63063fea1d12b4356b390f33dffd4890f2c1a4352",
     "agents/observability-instrumenter.md": "6d40d96fdc3281b85d7db6d2e82f0e018945f2d148ab1b39c951774e6873aad2",
     "agents/omm-auditor.md": "8e09dca83495ba869f0f4c79c156f909a22b272e9ed77a0fe8a6658887cff7c0",
+    "agents/org-onboarding-implementer.md": "c63dc139be4b03db2019c83f75a21c37b2005eebd1638012b4a5b3f6ed9b60cf",
     "agents/payload-capture-instrumenter.md": "f1517b1a5d5cb10f8229de7402d4b6a786e8bd0ac9f6de3701a0a9dcebeb6cd5",
     "agents/phase-researcher.md": "3e431d8d6bd4f1459b049771a30f7176cfb6ccc21bf49e8a4cfb0bb03f9e7f7d",
     "agents/plan-checker.md": "32982f3713b4251d123e981c3f723c2a8702625edbbba4d862d64155086b94ae",
@@ -46,6 +55,7 @@
     "agents/supabase-realtime-implementer.md": "e10d7f723734da0dd930d6e0481e2afb2abde5b470d9c45e4364889dac19f3d6",
     "agents/supabase-rls-writer.md": "0ac667ba0f6543699b0053e5e8ec3eca43aff6e3307adde3959e9ce2056a9136",
     "agents/supabase-storage-implementer.md": "28d57bc1750acb5b0624ecc33bac6e7855e16dec40df4c490865df885a0980f8",
+    "agents/super-admin-implementer.md": "dd3d7897396d96ad3a1a91e43128f1fac26c010b8974b08f1d0ddc6cf2e831c3",
     "agents/toil-auditor.md": "58770f11805e7b3d8cc7b70d79ed73a6a33dc7d17b66fdc7716454406acefd61",
     "agents/ui-auditor.md": "a94816e9535757b02c6fcc8ae1e51f6378813c9f256e26859e01757e49c38d31",
     "agents/ui-checker.md": "be3308db8733d8f9ce3db1d2cef924738498ed03c7aa15c0fca21a9c15e79da2",
@@ -68,7 +78,7 @@
     "commands/auditar-uat.md": "83e9f21584938350ee96ef0f0bb870786537bf38220c7a8ec0e04d06659c6bda",
     "commands/autonomo.md": "ae5746a8b9cd63d9ac8cf2774b8b466789ccefec3d9e267dcb98d97481ede57f",
     "commands/branch-pr.md": "77866ec7ef8d65ad6cea9d17491b7c7605238b3a3505dd3e128f18cd150c9be4",
-    "commands/burn-rate-status.md": "040fcc64b00bf5bcb9b69b7d3c1ef729647ddf0060d232fe061ea70b242747cf",
+    "commands/burn-rate-status.md": "29f127472a5862f3071e95f596d8410551a43b8b811d1801c36075fa13201fc3",
     "commands/capturar-payloads.md": "507d009d9fb28fe12d18c3d3a599fbb23605254564e5753b056e0f32fb92f20b",
     "commands/caracterizar-prompt.md": "996b923d6c807d94be77d14dbfec3fdabf98d3bf111f6928932421b724847fb3",
     "commands/caracterizar.md": "994ce4136ba44b74890874f3274c26bcdc9f4feb5f4852cb0288687142ab1403",
@@ -101,6 +111,7 @@
     "commands/listar-workspaces.md": "4689e7bcaa119ed0704ef38c12d26eba49737c8c119d4db3535084ea26eb5aba",
     "commands/load-shedding.md": "cf51027e9a19b65aaf0e8f2f299bedb8a623fc82bc142f348583ca21e1ab2e73",
     "commands/mapear-codebase.md": "ae487831eae8895bf516f22fd5ad31d6da5682e33d4571b8e2a1a6682a47b6e9",
+    "commands/multi-tenant.md": "2871a76648279ea007b37cc0dcf13e53d2b7647d7d64d8d46c750e9bbdd4fc21",
     "commands/nota.md": "cef5a3539ef53f48e91070b99dc84bc81b0cf26b13629562c8615e17d276b50b",
     "commands/novo-marco.md": "8aa272baf4d4798f399fc52693969c8ce1989c5a8413976046b3848feb7002c2",
     "commands/novo-projeto.md": "8d7b1ab05be01c440e9926cb51805476dec547d778724fef5c4d098c750d4f67",
@@ -282,17 +293,22 @@
     "hooks/workflow-guard.js": "197f1921c971236174f2f7cd65ae51e36ce5ac0ecbeac25c518ca379525fb0f6",
     "settings.json": "39e3e9bd40bc30a00c1790071462651e8ba6e52f5f16455a8f7bbacd7bde1827",
     "skills/_shared-legacy/glossary.md": "7dabc31ddd3b2b597f76d1a55ef51b0bd59315aaef59245873c224c4fd21c86d",
+    "skills/_shared-multi-tenant/glossary.md": "1e040a36025489859312430771dde13bde9c62098fcd100440a82a2bb4d22b6a",
     "skills/_shared-observability/glossary.md": "ec3892c226af03299c0875e36fd0170cc9f801b02df52a2e0ec5c7468229912a",
     "skills/_shared-sre/glossary.md": "55a052c7d2292622150ed1cbb5aa0d675c332287b00ee4e3dd84900f9cf0ec84",
     "skills/_shared-supabase/glossary.md": "2ebb4e09d9eda88a4f388f406f5cdb36fafa26a3ce6fb33d5c1976bcfac19327",
     "skills/ai-prompt-characterization/SKILL.md": "1a8114296c754e2018b1c1fd428c364f8de4485fedd5df78d3afcb33c3fef1a4",
+    "skills/audit-log-multi-tenant/SKILL.md": "8a7bc9b35f203098049a34b4dd5ec9693800ee1d8bf52f9c2bf0a78583c84323",
+    "skills/b2b-saas-architecture/SKILL.md": "01f39621cb924a885b3a097e9012d6dba637fcd9e543cd82505261190c227989",
     "skills/blameless-postmortems/SKILL.md": "55c386c055c869474b6164c0b871a882369a5e57ddf7de8eddcd881ceba70dfa",
     "skills/burn-rate-alerting/SKILL.md": "19cbd991efbb3b5d9ab6c53ada448b2624e6ab3f87ac500c0787bc4c8f2988e3",
     "skills/cascading-failures/SKILL.md": "d308982fea601e8b9fa3ae9ec4bb7052475b57b039323f7398a956199f5edcd4",
     "skills/core-analysis-loop/SKILL.md": "298f27d1706abe0e64fa7dfa925eba3255328dccd03b24589be1e80d6d673dd3",
+    "skills/crm-lead-pipeline-patterns/SKILL.md": "15ec4522d1c4f0a571fdc9db989552c5f72b1880ecbc4ab538435284f06d75b7",
     "skills/distributed-tracing/SKILL.md": "7747bbd0563b28cba11b11064012c0b7a696ac04bd65c64debb42987781b26ff",
     "skills/eliminating-toil/SKILL.md": "451c7dfc5dd5af925f0b38657553ddbc1cc95923b3a572ac79d18201acb136cd",
     "skills/event-based-slos/SKILL.md": "6bf107d86cc409ab24773e16f26b4eca6e228dfd2db027de7b384e88a05bd50e",
+    "skills/evolution-go-whatsapp-integration/SKILL.md": "4b964cb297ec9df7413b1cc6dd73fa3d04a8de68c584b9b72fceed576d2afebe",
     "skills/example-skill/SKILL.md": "2ddf878e69e19b0138d8a2c6a31404593fed3e229375869991ab28b469069233",
     "skills/four-golden-signals/SKILL.md": "c83bac06bb676a3a7ee24c11d9d5d72388ae8bfd21ad9e7face24c5fcebd7b60",
     "skills/hermetic-builds/SKILL.md": "56c7c5c4121a51e895d28a6bdfb6373580625b600f3b96516ba41434a4035026",
@@ -306,13 +322,22 @@
     "skills/legacy-shotgun-surgery/SKILL.md": "3b0c7c143a498ad0b7b177be046a7c94532a99afa4acb59ca5f08cc3e5db8f54",
     "skills/legacy-sprout-wrap-techniques/SKILL.md": "26c39659b0bc2ea83f1b5879ed94f9782a608c12bba15c4507bfa4a79e1b899e",
     "skills/legacy-storytelling-naked-crc/SKILL.md": "100cef2fc06b27b10f74e0ec26faaf0a04c7cb52b25f0f322368ed2c266697bf",
+    "skills/lgpd-multi-tenant-compliance/SKILL.md": "71b49e2f83410a1a38e4156a2ceb70c342dc3e91ed236be0bcddd63313d62489",
     "skills/llm-as-dependency/SKILL.md": "3c0ea7c7a923d14f62ba1d231b7c1b1fd2f09f4622e3601111a70e68f384a6f7",
     "skills/load-shedding-graceful-degradation/SKILL.md": "b261e4ff756e4aea689ccfd3c4dc721df22c6ae91b08a029db2b7a9f2a172b6f",
+    "skills/member-invite-flow/SKILL.md": "caea28f2a6c63f585f92b1fdbd113818a6f41aedef5ee9482bd60ea881f660fc",
+    "skills/member-management-react-shadcn/SKILL.md": "232fa16b9f3def2d4df46cefdcf1f82ce7db211baf3d5f8e5255ce58f21351bb",
+    "skills/multi-tenant-performance-scaling/SKILL.md": "ab38dcae7d99f7cbd2c0e38fcb388d413493e28de18983d648f6d9b6ed47fc3c",
+    "skills/multi-tenant-rls-hierarchy/SKILL.md": "a48f60272d5c5bc9be84596a9b245651f1aec91cfa87e40ea1404e57ac8c54b5",
     "skills/observability-driven-development/SKILL.md": "9abaec925bbb59391597d92164c43b432eef32884ce3b4623f419f421322fa83",
     "skills/observability-maturity-model/SKILL.md": "49bccaa9e122651fbbe5457f7fef96114f9b3e8626faf6e3a8cc6ded66c7da10",
     "skills/opentelemetry-standard/SKILL.md": "891099b62991c74598f1e1c51889475cd69ca624f92bd0e7931b2613e4f90f01",
+    "skills/org-onboarding-flow/SKILL.md": "68be27185492a93a599860a7212e935d4a6e3625ffd86348d18086657c04fa0b",
+    "skills/org-switcher-react-pattern/SKILL.md": "c246d536d1ee65a9ea0cc7ab09429ca798afb7ef3468eaaeacedc0bd450bb963",
+    "skills/permission-gate-react-pattern/SKILL.md": "2c3f8b8ac0c495af0991c5e314d962187ef0cf61982440f0959b422385b07969",
     "skills/pre-refactor-characterization/SKILL.md": "9124f9ca0636a75474ea3f6d851e587be2f75505b3a835af0a4aaa0855bd20d3",
     "skills/production-readiness-review/SKILL.md": "2a9731265163c9fe7ba4fd05ceaf164ee4d1188b0d147ddff3b13bd9d3058c04",
+    "skills/rbac-permissions-matrix-supabase/SKILL.md": "7cf6aafe6d0de895165fb67649d54147341a4f103f13624c8981fe16d2c7d2c9",
     "skills/release-engineering/SKILL.md": "01e69f50d2bb207d348552a01d0d69b6159b47573fe7e31aec53f6df52c3d057",
     "skills/retry-strategies/SKILL.md": "017a38146787592cde5c009bc06c8f483ca2b609a018d0b526972ddf5e46f52a",
     "skills/sre-risk-management/SKILL.md": "6e56a30b081abffbf9ce97e86b9c376361d6af765fe5475970f1646351c54e39",
@@ -328,7 +353,9 @@
     "skills/supabase-realtime/SKILL.md": "ca2584a59742b30f5351fad23f4a1957218ca730ce3af990affe79f03854f460",
     "skills/supabase-rls-policies/SKILL.md": "b8cab2e5813a00fea6aa19a59be94dfa536d675067c2e87c94576e97d472d16e",
     "skills/supabase-storage/SKILL.md": "f7360aa9149e55f68fa794a91c18994329e4f304cc263f90f0607e43053e9da8",
+    "skills/super-admin-platform-pattern/SKILL.md": "e3063f32f111756fbc1792767b2a26a9aef2ed16b90615cc21655acc33269ae7",
     "skills/telemetry-pipelines/SKILL.md": "7623244afdf8e6b0b865e572c8e8537c73255914a4562a95f99f22be7448f80e",
-    "skills/telemetry-sampling/SKILL.md": "d448f9022ba0f53a9f692189d2515e45fc3e9de52256bd0715b4c1374c8cc203"
+    "skills/telemetry-sampling/SKILL.md": "d448f9022ba0f53a9f692189d2515e45fc3e9de52256bd0715b4c1374c8cc203",
+    "skills/whatsapp-conversation-state-machine/SKILL.md": "8467327173d17213406e2ae2c959984e60399eee567384bc39a4592f7f09f747"
   }
 }

package/kit/skills/_shared-multi-tenant/glossary.md ADDED Viewed

@@ -0,0 +1,186 @@
+# Glossário Multi-Tenant SaaS B2B — Termos, Patterns e Convenções
+> Arquivo de referência compartilhado pelas skills da Suíte Multi-Tenant v1.21. **NÃO é skill** — não tem `description:` triggerável; não aparece em `listKit`. Cross-referenciado pelas 15 skills via Markdown link relativo.
+>
+> **Cross-suite reference ATIVO:** termos Supabase já definidos em [`_shared-supabase/glossary.md`](../_shared-supabase/glossary.md) — esta skill **não duplica**, apenas linka. Termos como `RLS`, `auth.uid()`, `app_metadata`, `service_role`, `pg_cron`, `pgmq`, `STABLE`, `SECURITY INVOKER`, `search_path = ''` são definidos lá.
+---
+## (a) Termos PT-BR ↔ EN — Multi-Tenancy Core
+### Tenancy
+| EN | PT-BR / Significado |
+|---|---|
+| **tenant** | Inquilino — entidade de top-level que isola dados entre clientes (organização/escritório). Em B2B SaaS = `organizations` row. |
+| **`org_id`** | Coluna canônica em **toda tabela multi-tenant** que identifica a qual `organizations.id` aquela linha pertence. RLS sempre filtra por `org_id`. |
+| **multi-tenant** | App que serve N tenants do mesmo deployment, com isolamento de dados entre eles (tipicamente via RLS). |
+| **single-tenant** | App que serve 1 tenant por deployment (típico enterprise on-prem). |
+| **isolation strategy** | Como tenants são separados — **single schema + `org_id`** (default 90% B2B), schema-per-tenant, ou DB-per-tenant. Ver skill [`b2b-saas-architecture`](../b2b-saas-architecture/SKILL.md). |
+| **cross-tenant query** | Query que toca dados de mais de um tenant — apenas super_admin pode executar. Sempre auditada. |
+| **tenant routing** | Mapeamento URL → tenant. Padrão canônico: `/orgs/[slug]/...`. |
+### Hierarquia
+| EN | PT-BR / Significado |
+|---|---|
+| **organization** | Tenant root. Tabela `public.organizations`. Tem `owner_id`, `plan`, `slug` (imutável). |
+| **department** | Sub-divisão opcional de uma org. Tabela `public.departments` com `org_id` FK + `parent_id` para hierarquia (até 5 níveis máx por convenção). |
+| **member** | User pertencente a uma org. Tabela `public.organization_members(org_id, user_id, role_id)`. |
+| **department member** | User pertencente a um dept. Tabela `public.department_members(dept_id, user_id, role_id)`. `role_id` NULL = herda do `organization_members`. |
+| **leader** | Membro de departamento com flag `is_leader = true`. Não é uma role — é capability adicional dentro do dept. |
+### RBAC
+| EN | PT-BR / Significado |
+|---|---|
+| **RBAC** | Role-Based Access Control — autorização por role (não por user direto). Cada user tem 1 role por org. |
+| **role** | Função/cargo dentro de uma org. Tabela `public.roles(org_id, name)`. 3 built-in (owner/admin/member) + custom permitidos. |
+| **permission** | Capacidade granular — string `<resource>:<action>` (ex: `leads:create`, `members:invite`). Tabela `public.permissions(action, resource)`. |
+| **permission matrix** | Mapeamento N:M de roles ↔ permissions. Tabela `public.role_permissions(role_id, permission_id)`. |
+| **role inheritance** | Department member sem role própria herda role do organization_members. NULL → herda; preenchido → sobrescreve. |
+| **role escalation rule** | Regra canônica: usuário só pode atribuir roles ≤ ao próprio role (admin não cria owner; member não cria admin). |
+### Super-admin
+| EN | PT-BR / Significado |
+|---|---|
+| **super_admin** | Usuário com `app_metadata.super_admin = true` (set apenas via service_role). Bypassa todas as RLS via helper function `private.is_super_admin()`. |
+| **impersonation** | Super-admin assume identidade de outro user temporariamente para suporte. **Sempre** com banner visual + reason obrigatório + TTL 30min. |
+| **platform admin** | Sinônimo de super_admin no contexto B2B SaaS. |
+| **cross-tenant view** | Lista todos tenants para super_admin (Settings → All Organizations). Apenas super_admin enxerga. |
+### Invite Flow
+| EN | PT-BR / Significado |
+|---|---|
+| **invitation token** | Hash SHA-256 de uma string aleatória de 32 bytes. Armazenado no banco; raw token enviado por email. Single-use, TTL 7 dias. |
+| **invite state machine** | `pending → accepted | rejected | cancelled | expired`. Transições enforced via trigger ou check constraint. |
+| **email-locked invite** | Invite válido apenas se quem clica está logado com email destino. Anti-pattern: link compartilhável (qualquer um aceita). |
+| **first admin** | Usuário criador da org — ganha role `owner` na criação, sem invite. |
+| **bulk invite** | UI permite invite N emails de uma vez. Cada um gera linha em `org_invites` independente. |
+### Audit Log
+| EN | PT-BR / Significado |
+|---|---|
+| **audit log** | Tabela `public.audit_logs` append-only registrando eventos críticos com `tenant_id` indexado. |
+| **append-only table** | Tabela onde `DELETE` e `UPDATE` são revogados via `REVOKE DELETE, UPDATE FROM authenticated`. Apenas service_role pode mutar (via partition swap, raramente). |
+| **event taxonomy** | 7 eventos canônicos mínimos: `login`, `member_invited`, `role_changed`, `data_exported`, `member_removed`, `settings_changed`, `super_admin_action`. |
+| **legal hold** | Flag boolean `legal_hold` em row de audit_log que **bloqueia** delete enquanto DSR LGPD está pendente. |
+| **PII sanitization** | Antes de armazenar em audit_log, hash de `actor_email` e `target_phone` (SHA-256). Nunca raw PII em log. |
+### LGPD
+| EN | PT-BR / Significado |
+|---|---|
+| **LGPD** | Lei Geral de Proteção de Dados (Brasil) — Lei 13.709/2018. Equivalente brasileiro do GDPR. |
+| **DSR** | Data Subject Request — pedido formal do titular dos dados exercendo direito previsto em Art. 18 LGPD. SLA legal 15 dias (Art. 19). |
+| **9 direitos LGPD Art. 18** | Confirmação · Acesso · Correção · Anonimização/Bloqueio/Eliminação · Portabilidade · Eliminação · Informação sobre compartilhamento · Revogação de consentimento · Revisão de decisão automatizada |
+| **anonymization** | Padrão de erasure: preservar UUID, apagar PII (`name → NULL`, `email → SHA-256 hash`, `phone → NULL`). Permite manter audit trail sem violar LGPD. |
+| **consent grain** | Granularidade do consentimento — separado por finalidade (analytics ≠ marketing ≠ third-party-share). Default opt-out (Art. 8 §5 LGPD). |
+| **adequacy decision** | Decisão da ANPD/comissão equivalente reconhecendo país como destino seguro de transferência internacional. Brasil-UE estabelecida em jan/2026. |
+### Webhooks (Evolution Go / Meta Cloud)
+| EN | PT-BR / Significado |
+|---|---|
+| **Evolution Go** | Implementação alternativa do WhatsApp via biblioteca `whatsmeow` (Go) — usa protocolo WhatsApp Web não-oficial. Não é Meta Cloud API. |
+| **Meta Cloud API** | API oficial WhatsApp Business da Meta. Requer Business Account, número aprovado, custo por conversa. |
+| **HMAC-SHA256 signature** | Validação de webhook Meta — header `X-Hub-Signature-256: sha256=<hmac>`. Computar HMAC sobre **raw body antes de JSON.parse**. |
+| **timing-safe comparison** | Comparação de strings em tempo constante (`crypto.timingSafeEqual`) para evitar timing attacks na validação HMAC. |
+| **idempotency key** | `(org_id, message_id)` unique constraint — `ON CONFLICT DO NOTHING` evita duplicatas em retry Meta (entrega at-least-once). |
+| **webhook event types** | 19 tipos documentados Evolution Go: `messages.upsert`, `messages.update`, `groups.upsert`, etc. |
+| **rate limit Meta** | 80 msg/s default. Exceder = erro 131056, escala para 24h ban. |
+| **throttle Evolution Go** | 1 msg/s (manual, biblioteca não enforce). Acima disso = ban Meta de qualquer forma (mesma infra subjacente). |
+| **conversation state machine** | Modelagem de fluxo conversa WhatsApp (lead → qualified → opt-in → conversation → action). Estados persistidos em PG (não em memória). Implementado com `xstate v5`. |
+### CRM Lead Pipeline
+| EN | PT-BR / Significado |
+|---|---|
+| **lead** | Contato em estágio inicial do funil de vendas. Tabela `public.leads(org_id, contact_email, contact_phone, stage, owner_id)`. |
+| **stages canônicos** | `lead → qualified → proposal → negotiation → won | lost`. Transições enforced via trigger BEFORE UPDATE (não só CHECK constraint que client pode burlar). |
+| **ownership transfer** | Mudar `owner_id` de um lead. Sempre dispara: notificação ao novo owner + entry em audit_log com `previous_owner_id, new_owner_id, reason`. |
+| **lead dedup** | Unique constraint `(org_id, contact_phone)` + `(org_id, contact_email)`. Lookup obrigatório antes de criar lead via integração WhatsApp. |
+| **scoring** | Pontuação de lead (manual ou auto). Diferenciador (não table stakes). Out-of-scope v1.21. |
+### React Patterns
+| EN | PT-BR / Significado |
+|---|---|
+| **org switcher** | Componente UI que troca tenant ativo. Padrão canônico: URL `/orgs/[slug]/...` (Next.js middleware) ou `useParams()` (Vite SPA). |
+| **permission gate** | Componente declarativo `<PermissionGate permission="leads:create">` que esconde UI quando user não tem permission. **Apenas UX** — server-side enforcement obrigatório via RLS. |
+| **CASL** | Biblioteca canônica RBAC para React 2026. `@casl/ability` 6.8 + `@casl/react` 4.x. Isomorfica (frontend + backend). |
+| **JWT stale** | Após mudança de role, JWT do client ainda tem role antiga até refresh (~1h). Mitigação: `supabase.auth.refreshSession()` imediatamente após operação de role change + RLS como enforcement final. |
+| **shadcn/ui** | Component library copy-paste (não NPM package). Componentes para member management: `data-table`, `dialog`, `select`, `badge`, `dropdown-menu`, `avatar`, `command`, `form`, `toast`. |
+---
+## (b) Decisões Arquiteturais Vinculantes (cristalizadas em Phase 106)
+1. **Single Schema + `org_id` + RLS** é estratégia default (90% B2B). Schema-per-tenant é exceção justificada por compliance.
+2. **JWT minimal** — apenas `super_admin: bool` em `app_metadata`. Lista de orgs no JWT é anti-pattern.
+3. **Helper functions PG STABLE** — todas as funções `private.is_member_of`, `private.has_role`, `private.has_permission`, `private.is_super_admin` marcadas `STABLE`. VOLATILE = re-execução por linha.
+4. **7 tabelas core** — `organizations`, `departments`, `roles`, `permissions`, `role_permissions`, `organization_members`, `department_members` (+ auxiliar `organization_slug_history`).
+5. **Slug imutável** com redirect trail via `organization_slug_history`. Mutação direta = bookmarks/webhooks/OAuth quebram.
+6. **Audit log append-only** — REVOKE DELETE, UPDATE para `authenticated`. Apenas service_role pode mutar.
+7. **DSR erasure via anonymization** — preserva UUID, apaga PII. Hard delete destrói audit trail.
+8. **HMAC validation antes de JSON.parse** — sobre raw body. Validar após parse = inválido.
+---
+## (c) Convenções de Naming (todas as tabelas multi-tenant)
+| Padrão | Exemplo |
+|---|---|
+| Tabelas em snake_case plural | `organizations`, `organization_members`, `department_members`, `role_permissions` |
+| Colunas em snake_case singular | `org_id`, `user_id`, `role_id`, `created_at`, `is_leader` |
+| FK naming `<entidade>_id` | `org_id`, `user_id`, `dept_id`, `role_id`, `permission_id` |
+| Boolean prefix `is_` ou `has_` | `is_leader`, `is_super_admin`, `is_built_in`, `has_permission` |
+| Timestamps ISO 8601 | `created_at`, `updated_at`, `joined_at`, `expires_at`, `accepted_at` |
+| Helper functions em schema `private` | `private.is_member_of`, `private.has_role`, `private.has_permission`, `private.is_super_admin` |
+| Audit triggers em schema `private` | `private.track_org_slug_change`, `private.create_audit_partition`, `private.on_org_created` |
+---
+## (d) Cross-Refs Externos
+- [Supabase RLS Best Practices](https://makerkit.dev/blog/tutorials/supabase-rls-best-practices)
+- [Supabase Custom Access Token Hook](https://supabase.com/docs/guides/auth/auth-hooks/custom-access-token-hook)
+- [Supabase Supavisor 1M Connections](https://supabase.com/blog/supavisor-1-million)
+- [Meta Developers — WhatsApp Webhooks](https://developers.facebook.com/docs/whatsapp/cloud-api/guides/set-up-webhooks/)
+- [Meta Developers — Messaging Limits](https://developers.facebook.com/docs/whatsapp/messaging-limits/)
+- [Evolution API Documentation](https://doc.evolution-api.com/v2/en/configuration/webhooks)
+- [LGPD Brazil — Lei 13.709/2018](https://www.planalto.gov.br/ccivil_03/_ato2015-2018/2018/lei/l13709.htm)
+- [ANPD — International Data Transfers Deadline 2025](https://www.mydata-trust.com/2025/08/19/brazil-data-transfers-deadline/)
+- [CASL Documentation](https://casl.js.org/)
+- [shadcn/ui](https://ui.shadcn.com/)
+---
+## (e) Cross-Suite Invocation Pattern (introduzido v1.21)
+Agents da Suíte Multi-Tenant **não duplicam** lógica Supabase. Padrão canônico de delegação:
+```
+b2b-saas-architect (v1.21)
+  └─→ Task(supabase-architect)         # plano de migration + tier/branches
+      └─→ Task(supabase-migration-writer) # SQL final
+multi-tenant-rls-writer (v1.21)
+  ├─ herda anti-pitfalls supabase-rls-writer (v1.8) via cross-ref Markdown
+  └─ adiciona helper functions hierárquicas + super_admin bypass
+evolution-go-integrator (v1.21)
+  └─→ Task(supabase-edge-fn-writer)     # Deno code da Edge Function
+audit-log-implementer (v1.21)
+  └─ usa skill supabase-cron-queues (v1.8) para retention scheduling
+org-onboarding-implementer (v1.21)
+  ├─→ Task(supabase-migration-writer)   # migration de criação de org
+  └─→ Task(supabase-edge-fn-writer)     # Edge Function setup wizard
+```
+**Anti-pattern:** agent v1.21 reescrever lógica de RLS do zero (deve herdar e estender). Agent v1.21 escrever Edge Function direto (deve delegar para `supabase-edge-fn-writer`).