@luanpdd/kit-mcp 1.19.0 → 1.21.0

package/kit/skills/lgpd-multi-tenant-compliance/SKILL.md

@@ -0,0 +1,340 @@
+---
+name: lgpd-multi-tenant-compliance
+description: Use ao implementar compliance LGPD (Lei 13.709/2018) per-tenant em B2B SaaS Supabase — 9 direitos Art. 18 com workflow per-org, DSR SLA 15 dias Art. 19 + alert pg_cron D-3, consent management granular default opt-out (Art. 8 §5), erasure via anonymization (não hard delete), cross-border config Brasil-UE adequacy jan/2026.
+---
+
+# LGPD Multi-Tenant Compliance — Lei 13.709/2018
+
+## Quando usar
+
+LLM carrega esta skill ao implementar compliance LGPD em B2B SaaS Brasil. Trigger phrases:
+
+- "LGPD compliance", "Lei 13.709"
+- "DSR data subject request"
+- "consent management granular"
+- "erasure anonymization LGPD"
+- "cross-border data transfer Brazil"
+- "ANPD adequacy decision"
+
+## Regras absolutas
+
+**REGRA #1 (DSR SLA 15 dias — Art. 19):** Toda DSR (Data Subject Request) deve ser processada em **15 dias corridos** (Art. 19 LGPD). Tabela `data_subject_requests` com `deadline_at = created_at + 15 days`. Pg_cron D-3 alerta requests próximas do prazo.
+
+**REGRA #2 (consent default opt-out — Art. 8 §5):** Consentimento LGPD deve ser **livre, informado, inequívoco**. Default opt-in é **ilegal** (Art. 8 §5). UI deve apresentar checkboxes desmarcados por default. Multa: até R$50M ou 2% faturamento.
+
+**REGRA #3 (consent granular):** Consentimento separado por **finalidade** — analytics ≠ marketing ≠ third-party-share ≠ profiling. User pode aceitar uma e rejeitar outra. Consent bundling (uma checkbox para tudo) é vedado.
+
+**REGRA #4 (erasure via anonymization):** Direito à eliminação (Art. 18 VI) implementado via **anonymization**: preservar UUID (chave opaca), apagar PII (`name → NULL`, `email → SHA-256 hash`, `phone → NULL`). Hard delete destrói audit trail necessário para outras compliance obrigations.
+
+**REGRA #5 (cross-border config):** Para apps com clientes brasileiros, Vercel deploy region `gru1` (São Paulo) + Supabase project region `sa-east-1` mantêm dados em repouso no Brasil. Adequacy decision Brasil-UE estabelecida em janeiro/2026 permite EU regions sem SCCs adicionais.
+
+**REGRA #6 (per-tenant — não global):** Cada org tem sua própria política de retention/consent. App é controlador de dados em alguns casos, operador em outros (Art. 5). Per-tenant implementação respeita esta diversidade.
+
+## Patterns canônicos
+
+### Tabela `consent_records`
+
+```sql
+create table public.consent_records (
+  id uuid primary key default gen_random_uuid(),
+  org_id uuid not null references public.organizations(id) on delete cascade,
+  user_id uuid not null references auth.users(id) on delete cascade,
+  purpose text not null
+    check (purpose in (
+      'analytics',           -- analytics próprio (PostHog, Mixpanel)
+      'marketing_email',     -- envio email marketing
+      'marketing_whatsapp',  -- envio WhatsApp marketing
+      'third_party_share',   -- compartilhamento com parceiros
+      'profiling',           -- perfilamento comportamental
+      'cookies_optional'     -- cookies não-essenciais
+    ) or purpose like 'custom\_%'),
+  granted boolean not null,
+  granted_at timestamptz not null default now(),
+  revoked_at timestamptz,
+  source text not null default 'app_settings'
+    check (source in ('app_settings', 'cookie_banner', 'signup_form', 'api')),
+  ip_address inet,
+  user_agent text,
+  unique (org_id, user_id, purpose, granted_at)  -- histórico audited
+);
+
+create index consent_records_org_user_purpose_idx
+  on public.consent_records (org_id, user_id, purpose, granted_at desc);
+
+alter table public.consent_records enable row level security;
+
+create policy "consent_records_select_own" on public.consent_records
+  for select to authenticated
+  using (user_id = (select auth.uid()));
+
+create policy "consent_records_insert_own" on public.consent_records
+  for insert to authenticated
+  with check (user_id = (select auth.uid()));
+
+create policy "consent_records_admin_view" on public.consent_records
+  for select to authenticated
+  using (private.has_permission('process', 'dsr_requests', org_id));
+```
+
+### Helper `current_consent`
+
+```sql
+create or replace function private.current_consent(p_org_id uuid, p_user_id uuid, p_purpose text)
+returns boolean
+language sql
+stable
+security invoker
+set search_path = ''
+as $$
+  select coalesce(
+    (select granted from public.consent_records
+     where org_id = p_org_id and user_id = p_user_id and purpose = p_purpose
+     order by granted_at desc limit 1),
+    false  -- REGRA #2: default opt-out se não houver registro
+  );
+$$;
+```
+
+### Tabela `data_subject_requests`
+
+```sql
+create table public.data_subject_requests (
+  id uuid primary key default gen_random_uuid(),
+  org_id uuid not null references public.organizations(id) on delete cascade,
+  requester_user_id uuid references auth.users(id) on delete set null,
+  requester_email text not null,
+  request_type text not null
+    check (request_type in (
+      'confirmation',     -- Art. 18 I — confirmação da existência de tratamento
+      'access',           -- Art. 18 II — acesso aos dados
+      'correction',       -- Art. 18 III — correção
+      'anonymization',    -- Art. 18 IV — anonimização/bloqueio/eliminação parcial
+      'portability',      -- Art. 18 V — portabilidade
+      'erasure',          -- Art. 18 VI — eliminação completa
+      'sharing_info',     -- Art. 18 VII — informação sobre compartilhamento
+      'consent_revoke',   -- Art. 18 IX — revogação consentimento
+      'automated_review'  -- Art. 18 — revisão decisão automatizada
+    )),
+  description text,
+  status text not null default 'pending'
+    check (status in ('pending', 'in_progress', 'completed', 'rejected', 'expired')),
+  deadline_at timestamptz not null default (now() + interval '15 days'),  -- REGRA #1 Art. 19
+  completed_at timestamptz,
+  rejected_reason text,
+  result jsonb,                                                            -- payload de resposta (export, etc.)
+  created_at timestamptz not null default now()
+);
+
+create index dsr_org_status_deadline_idx on public.data_subject_requests (org_id, status, deadline_at);
+
+alter table public.data_subject_requests enable row level security;
+
+-- Apenas users com permission process:dsr_requests
+create policy "dsr_select_with_permission" on public.data_subject_requests
+  for select to authenticated
+  using (private.has_permission('process', 'dsr_requests', org_id));
+
+-- Insert: qualquer authenticated pode criar request para si próprio
+create policy "dsr_insert_self" on public.data_subject_requests
+  for insert to authenticated
+  with check (
+    requester_user_id = (select auth.uid())
+    or requester_email = (select email from auth.users where id = (select auth.uid()))
+  );
+
+create policy "dsr_super_admin" on public.data_subject_requests
+  as permissive for all to authenticated
+  using (private.is_super_admin())
+  with check (private.is_super_admin());
+```
+
+### Cron alert D-3 (3 dias antes do prazo)
+
+```sql
+select cron.schedule(
+  'dsr-deadline-alert-d3',
+  '0 9 * * *',  -- diário 9:00 UTC
+  $$
+    -- Notificar admin (via Edge Function notification) sobre DSRs próximas do prazo
+    insert into public.notifications (org_id, type, payload)
+    select
+      org_id,
+      'dsr_deadline_warning',
+      jsonb_build_object(
+        'request_id', id,
+        'days_remaining', extract(day from deadline_at - now()),
+        'request_type', request_type
+      )
+    from public.data_subject_requests
+    where status in ('pending', 'in_progress')
+      and deadline_at < now() + interval '3 days'
+      and deadline_at >= now()
+      and id not in (
+        select (payload->>'request_id')::uuid from public.notifications
+        where type = 'dsr_deadline_warning'
+          and created_at > now() - interval '24 hours'
+      );
+  $$
+);
+```
+
+### Erasure via anonymization (REGRA #4)
+
+```sql
+-- RPC chamada quando admin processa DSR de erasure
+create or replace function public.process_erasure_request(p_dsr_id uuid)
+returns void
+language plpgsql
+security invoker
+set search_path = ''
+as $$
+declare
+  v_dsr record;
+  v_user_id uuid;
+begin
+  -- Validar permission
+  select * into v_dsr from public.data_subject_requests where id = p_dsr_id;
+  if v_dsr is null then raise exception 'dsr_not_found'; end if;
+  if not private.has_permission('process', 'dsr_requests', v_dsr.org_id) then
+    raise exception 'forbidden';
+  end if;
+
+  v_user_id := v_dsr.requester_user_id;
+  if v_user_id is null then
+    raise exception 'erasure_requires_user_id';
+  end if;
+
+  -- Anonymize across all tenant tables (preservar UUID)
+  -- 1. organization_members
+  update public.organization_members
+  set status = 'left'
+  where user_id = v_user_id and org_id = v_dsr.org_id;
+
+  -- 2. leads (owner_id e contact data)
+  update public.leads
+  set
+    owner_id = null,                                        -- preserva FK opcional
+    contact_email = encode(digest(coalesce(contact_email, ''), 'sha256'), 'hex'),
+    contact_phone = null,
+    contact_name = '[anonymized]'
+  where org_id = v_dsr.org_id
+    and (owner_id = v_user_id);  -- leads owned por este user
+
+  -- 3. audit_logs — preservar (REGRA #4: não destruir trail), apenas anonimizar
+  update public.audit_logs
+  set
+    actor_id = null,
+    actor_email_hash = '[anonymized]',
+    payload = payload - 'actor_email' - 'ip_address'
+  where actor_id = v_user_id and tenant_id = v_dsr.org_id;
+
+  -- 4. (em audit_logs com legal_hold = true não anonimizar — preservar evidence)
+  -- (já filtrado pelo update acima — apenas tocá-lo após legal hold ser liberado)
+
+  -- 5. Marcar DSR como completed
+  update public.data_subject_requests
+  set status = 'completed', completed_at = now(), result = jsonb_build_object('anonymized', true)
+  where id = p_dsr_id;
+
+  -- 6. Audit
+  perform private.audit_log(
+    'data_exported',
+    v_dsr.org_id,
+    v_user_id, 'user', v_dsr.requester_email,
+    jsonb_build_object('action', 'erasure_completed', 'dsr_id', p_dsr_id)
+  );
+end;
+$$;
+
+grant execute on function public.process_erasure_request(uuid) to authenticated;
+```
+
+### Cross-border config (REGRA #5)
+
+```typescript
+// next.config.js (Vercel)
+module.exports = {
+  // Edge Functions só rodam em São Paulo
+  experimental: {
+    serverActions: {
+      allowedOrigins: ['*.vercel.app']
+    }
+  },
+  // Force region para Edge runtime
+  runtime: 'edge',
+  regions: ['gru1']  // São Paulo
+}
+
+// Supabase project criado em sa-east-1 (São Paulo) — escolher na criação
+```
+
+## Anti-patterns
+
+### Anti-pattern 1: Hard delete em erasure flow
+
+**Errado:**
+```sql
+delete from auth.users where id = '<user>' cascade;
+-- audit_logs cascade deletado, evidence destroyed
+```
+
+**Por quê:** destrói audit trail necessário para outras obrigações compliance (investigação fraudulenta, anti-money-laundering, registros fiscais 5 anos).
+
+**Certo:** REGRA #4 — anonymization. UUID preservado, PII apagada.
+
+### Anti-pattern 2: Consent default opt-in
+
+**Errado:**
+```html
+<input type="checkbox" name="marketing" checked>  <!-- pre-marked -->
+<label>Aceito receber emails de marketing</label>
+```
+
+**Por quê:** Art. 8 §5 LGPD: consentimento deve ser livre, informado, inequívoco. Pre-checked = bundle implícito = ilegal.
+
+**Certo:** REGRA #2 — checkbox unchecked, user precisa clicar explicitamente.
+
+### Anti-pattern 3: Consent bundling
+
+**Errado:**
+```html
+<input type="checkbox" name="all_consents">
+<label>Aceito termos, privacy policy, marketing, analytics e third-party share</label>
+```
+
+**Por quê:** REGRA #3 — consentimentos devem ser separados por finalidade. User não pode "aceitar tudo" via 1 checkbox.
+
+**Certo:** N checkboxes individuais para cada `consent_records.purpose`.
+
+### Anti-pattern 4: DSR sem deadline tracking
+
+**Errado:**
+```sql
+-- Tabela sem deadline_at
+-- Admin esquece request, prazo 15 dias passa, ANPD multa
+```
+
+**Por quê:** Art. 19 prazo legal — descumprimento = multa.
+
+**Certo:** REGRA #1 — `deadline_at` automático + pg_cron alert D-3.
+
+### Anti-pattern 5: PII em audit_logs raw
+
+**Errado:**
+```sql
+insert into audit_logs (actor_email, payload) values ('user@email.com', '{"phone":"+5511999"}');
+```
+
+**Por quê:** quando user solicita erasure, audit_logs também precisa anonimizar. Mas hash = não há referência à PII original.
+
+**Certo:** já desde início, hash actor_email + sanitize payload (cross-ref Phase 109 audit-log-multi-tenant REGRA #4).
+
+## Ver também
+
+- [audit-log-multi-tenant](../audit-log-multi-tenant/SKILL.md) — Phase 109, PII sanitization + legal_hold flag
+- [b2b-saas-architecture](../b2b-saas-architecture/SKILL.md) — schema base
+- [supabase-cron-queues](../supabase-cron-queues/SKILL.md) — pg_cron pattern para alert D-3
+- [super-admin-platform-pattern](../super-admin-platform-pattern/SKILL.md) — Phase 111, super_admin process DSR
+- [_shared-multi-tenant/glossary.md](../_shared-multi-tenant/glossary.md) — `LGPD`, `DSR`, `9 direitos LGPD`, `anonymization`, `consent grain`, `adequacy decision`
+- [LGPD — Lei 13.709/2018](https://www.planalto.gov.br/ccivil_03/_ato2015-2018/2018/lei/l13709.htm)
+- [ANPD — International Data Transfers](https://www.gov.br/anpd/)

package/kit/skills/member-invite-flow/SKILL.md

@@ -0,0 +1,305 @@
+---
+name: member-invite-flow
+description: Use ao implementar invite de membros em B2B SaaS multi-tenant Supabase — token SHA-256 (raw enviado por email, hash no banco), TTL 7d single-use, state machine 5 estados, email-locked obrigatório, idempotência em accept via FOR UPDATE.
+---
+
+# Member Invite Flow — B2B SaaS Multi-Tenant
+
+## Quando usar
+
+LLM carrega esta skill ao implementar invite de membros. Trigger phrases:
+
+- "member invite", "convidar membro", "invite token"
+- "invite state machine", "pending accepted expired"
+- "email-locked invite", "invite acceptance flow"
+- "bulk invite members"
+- "transfer ownership invite"
+
+## Regras absolutas
+
+**REGRA #1 (token SHA-256, hash no banco):** Token é `crypto.randomBytes(32).toString('hex')` — 64 hex chars. **Hash SHA-256 armazenado no banco**, raw enviado por email. Se DB vazar, atacante não tem tokens válidos.
+
+**REGRA #2 (single-use + TTL 7d):** Token expira em 7 dias OR primeiro accept (single-use). State machine impede uso múltiplo.
+
+**REGRA #3 (email-locked):** Aceitar invite requer user **logado com email destino**. Link compartilhável sem email-lock = qualquer um aceita. Validação no Edge Function ou RPC.
+
+**REGRA #4 (idempotência via FOR UPDATE):** RPC accept_invite usa `SELECT ... FOR UPDATE` para race protection. 2 requests simultâneos: primeiro processa, segundo retorna `already_accepted`.
+
+**REGRA #5 (state machine 5 estados):** `pending → accepted | rejected | cancelled | expired`. Transições enforced via trigger ou check constraint.
+
+**REGRA #6 (audit log obrigatório):** Cada criação/accept/reject/cancel/expire emite evento em `audit_logs` (Phase 109).
+
+## Patterns canônicos
+
+### Tabela `org_invites`
+
+```sql
+create table public.org_invites (
+  id uuid primary key default gen_random_uuid(),
+  org_id uuid not null references public.organizations(id) on delete cascade,
+  invited_by_id uuid not null references auth.users(id) on delete cascade,
+  invited_email text not null check (invited_email ~ '^.+@.+\..+$'),
+  role_id uuid not null references public.roles(id) on delete restrict,
+  token_hash text not null unique,              -- REGRA #1
+  state text not null default 'pending'
+    check (state in ('pending', 'accepted', 'rejected', 'cancelled', 'expired')),
+  expires_at timestamptz not null default (now() + interval '7 days'),  -- REGRA #2
+  accepted_by_id uuid references auth.users(id) on delete set null,
+  accepted_at timestamptz,
+  rejected_at timestamptz,
+  cancelled_at timestamptz,
+  created_at timestamptz not null default now()
+);
+
+create index org_invites_org_state_idx on public.org_invites (org_id, state);
+create index org_invites_email_state_idx on public.org_invites (invited_email, state);
+create unique index org_invites_pending_unique
+  on public.org_invites (org_id, invited_email)
+  where state = 'pending';  -- previne 2 invites pending pro mesmo email mesma org
+
+alter table public.org_invites enable row level security;
+
+-- RLS: members com permission members:invite veem invites da org
+create policy "org_invites_select_member" on public.org_invites
+  for select to authenticated
+  using (private.has_permission('invite', 'members', org_id));
+
+create policy "org_invites_insert_with_permission" on public.org_invites
+  for insert to authenticated
+  with check (private.has_permission('invite', 'members', org_id));
+
+-- super_admin bypass
+create policy "org_invites_super_admin" on public.org_invites
+  as permissive for all to authenticated
+  using (private.is_super_admin())
+  with check (private.is_super_admin());
+```
+
+### RPC `create_invite` — gera token + hash + envia email
+
+```sql
+create or replace function public.create_invite(
+  p_org_id uuid,
+  p_email text,
+  p_role_name text
+)
+returns text  -- retorna o token RAW (única vez! enviar por email)
+language plpgsql
+security invoker
+set search_path = ''
+as $$
+declare
+  v_role_id uuid;
+  v_token text;
+  v_token_hash text;
+begin
+  -- 1. Resolver role_id
+  select id into v_role_id
+  from public.roles
+  where org_id = p_org_id and name = p_role_name;
+
+  if v_role_id is null then
+    raise exception 'role % not found in org', p_role_name;
+  end if;
+
+  -- 2. Gerar token raw (32 bytes = 64 hex chars)
+  v_token := encode(gen_random_bytes(32), 'hex');
+  v_token_hash := encode(digest(v_token, 'sha256'), 'hex');
+
+  -- 3. Insert (RLS check: caller tem permission members:invite)
+  insert into public.org_invites (org_id, invited_by_id, invited_email, role_id, token_hash)
+  values (p_org_id, (select auth.uid()), p_email, v_role_id, v_token_hash);
+
+  -- 4. Audit log
+  perform private.audit_log(
+    'member_invited',
+    p_org_id,
+    null, 'member', p_email,
+    jsonb_build_object('role', p_role_name)
+  );
+
+  -- 5. Retornar token RAW (chamador envia por email — único momento que existe)
+  return v_token;
+end;
+$$;
+
+grant execute on function public.create_invite(uuid, text, text) to authenticated;
+```
+
+### RPC `accept_invite` — idempotente via FOR UPDATE
+
+```sql
+create or replace function public.accept_invite(p_token text)
+returns jsonb
+language plpgsql
+security invoker
+set search_path = ''
+as $$
+declare
+  v_token_hash text;
+  v_invite record;
+  v_user_email text;
+begin
+  v_token_hash := encode(digest(p_token, 'sha256'), 'hex');
+
+  -- REGRA #4: FOR UPDATE para race protection
+  select * into v_invite
+  from public.org_invites
+  where token_hash = v_token_hash
+  for update;
+
+  if v_invite is null then
+    raise exception 'invite_not_found';
+  end if;
+
+  -- Idempotência: se já aceito por este user, retorna sucesso (não erro)
+  if v_invite.state = 'accepted' then
+    if v_invite.accepted_by_id = (select auth.uid()) then
+      return jsonb_build_object('status', 'already_accepted', 'org_id', v_invite.org_id);
+    else
+      raise exception 'invite_already_used';
+    end if;
+  end if;
+
+  -- Estado != pending → erro
+  if v_invite.state != 'pending' then
+    raise exception 'invite_state_invalid: %', v_invite.state;
+  end if;
+
+  -- Expirado?
+  if v_invite.expires_at < now() then
+    update public.org_invites set state = 'expired' where id = v_invite.id;
+    raise exception 'invite_expired';
+  end if;
+
+  -- REGRA #3: email-locked — user logado deve match
+  select email into v_user_email from auth.users where id = (select auth.uid());
+  if lower(v_user_email) != lower(v_invite.invited_email) then
+    raise exception 'invite_email_mismatch';
+  end if;
+
+  -- Aceitar: criar membership + atualizar invite
+  insert into public.organization_members (org_id, user_id, role_id, status)
+  values (v_invite.org_id, (select auth.uid()), v_invite.role_id, 'active')
+  on conflict (org_id, user_id) do update
+  set role_id = excluded.role_id, status = 'active';
+
+  update public.org_invites
+  set state = 'accepted',
+      accepted_by_id = (select auth.uid()),
+      accepted_at = now()
+  where id = v_invite.id;
+
+  -- Audit
+  perform private.audit_log(
+    'member_invited',  -- mesmo evento, payload distingue
+    v_invite.org_id,
+    (select auth.uid()), 'member', v_user_email,
+    jsonb_build_object('action', 'accepted', 'invite_id', v_invite.id)
+  );
+
+  return jsonb_build_object('status', 'accepted', 'org_id', v_invite.org_id);
+end;
+$$;
+
+grant execute on function public.accept_invite(text) to authenticated;
+```
+
+### Bulk invite — N invites em batch
+
+```typescript
+// Frontend
+async function bulkInvite(orgId: string, invites: { email: string; role: string }[]) {
+  const results = await Promise.allSettled(
+    invites.map(i =>
+      supabase.rpc('create_invite', {
+        p_org_id: orgId,
+        p_email: i.email,
+        p_role_name: i.role
+      })
+    )
+  )
+
+  return results.map((r, i) => ({
+    email: invites[i].email,
+    status: r.status === 'fulfilled' ? 'invited' : 'error',
+    error: r.status === 'rejected' ? r.reason.message : null,
+    token: r.status === 'fulfilled' ? r.value.data : null
+  }))
+
+  // Frontend envia email para cada invite com token retornado
+}
+```
+
+### Cron expiração — pg_cron diário
+
+```sql
+select cron.schedule(
+  'expire-pending-invites',
+  '0 1 * * *',
+  $$
+    update public.org_invites
+    set state = 'expired'
+    where state = 'pending' and expires_at < now();
+  $$
+);
+```
+
+## Anti-patterns
+
+### Anti-pattern 1: Token raw armazenado no banco
+
+**Errado:**
+```sql
+insert into public.org_invites (token, ...) values (v_token, ...);  -- raw!
+```
+
+**Por quê:** vazamento de DB = todos tokens válidos. Atacante aceita invites pendentes para ganhar acesso.
+
+**Certo:** hash SHA-256 (REGRA #1). Raw enviado uma vez por email.
+
+### Anti-pattern 2: Link compartilhável sem email-lock
+
+**Errado:**
+```typescript
+// URL: https://app.com/invite/<token>
+// Quem clicar primeiro aceita (sem checar email)
+```
+
+**Por quê:** se Alice encaminha email para Bob (acidentalmente ou maliciosamente), Bob aceita. Bob nunca foi convidado.
+
+**Certo:** REGRA #3 — accept exige user autenticado com email = invited_email.
+
+### Anti-pattern 3: Sem FOR UPDATE em accept (race)
+
+**Errado:**
+```sql
+select state from public.org_invites where token_hash = $1;  -- sem lock
+-- ... process ...
+update public.org_invites set state = 'accepted' where id = $1;
+```
+
+**Por quê:** 2 requests simultâneos: ambos leem `state = 'pending'`, ambos processam, criam 2 memberships duplicadas.
+
+**Certo:** REGRA #4 — FOR UPDATE bloqueia row, segundo request espera + relê estado atualizado.
+
+### Anti-pattern 4: Bulk invite sem limit
+
+**Errado:**
+```typescript
+// User cola 10000 emails de spam
+await bulkInvite(orgId, hugeList)
+```
+
+**Por quê:** envio massivo de emails = listas de spam, IP do mailing service blacklisted, emails legítimos param de chegar.
+
+**Certo:** rate limit no Edge Function (max 50 invites/hora por org) + check de domínio email (block free providers se necessário).
+
+## Ver também
+
+- [b2b-saas-architecture](../b2b-saas-architecture/SKILL.md) — schema `organization_members` + `roles`
+- [multi-tenant-rls-hierarchy](../multi-tenant-rls-hierarchy/SKILL.md) — `private.has_permission` usado em RLS
+- [audit-log-multi-tenant](../audit-log-multi-tenant/SKILL.md) — events `member_invited` (Phase 109)
+- [org-onboarding-flow](../org-onboarding-flow/SKILL.md) — fluxo signup que precede invites
+- [rbac-permissions-matrix-supabase](../rbac-permissions-matrix-supabase/SKILL.md) — permission `invite:members`
+- [_shared-multi-tenant/glossary.md](../_shared-multi-tenant/glossary.md) — termos `invitation token`, `invite state machine`, `email-locked`