goldsky-io/auth-setup
skills/auth-setup/SKILL.md
Set up Goldsky CLI authentication and project configuration. Use this skill when the user needs to: install the goldsky CLI (what's the official install command?), run goldsky login (including when the browser opens but 'authentication failed'), run goldsky project list and see 'not logged in' or 'unauthorized', switch between Goldsky projects, check which project they're currently authenticated to, or fix 'unauthorized' errors when running goldsky turbo commands. Also use for 'walk me through setting up goldsky CLI from scratch for the first time'. If any other Goldsky skill hits an auth error, redirect here first.
tools
Updated Apr 17, 2026
$ install --global
skillsauthnpx skillsauth add goldsky-io/goldsky-agent auth-setupInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 17, 2026, 11:18 AM32.3s2 files scanned
SKILL.md
- name:
- auth-setup
- description:
- Set up Goldsky CLI authentication and project configuration. Use this skill when the user needs to: install the goldsky CLI (what's the official install command?), run goldsky login (including when the browser opens but 'authentication failed'), run goldsky project list and see 'not logged in' or 'unauthorized', switch between Goldsky projects, check which project they're currently authenticated to, or fix 'unauthorized' errors when running goldsky turbo commands. Also use for 'walk me through setting up goldsky CLI from scratch for the first time'. If any other Goldsky skill hits an auth error, redirect here first.
Goldsky Authentication & Project Setup
Set up the Goldsky CLI, authenticate your account, and configure projects for your pipelines and subgraphs.
Prerequisites
- [ ] macOS, Linux, or WSL (Windows Subsystem for Linux)
- [ ] Internet connection
- [ ] Goldsky account (sign up at https://app.goldsky.com)
Authentication Workflow
Follow this workflow and verify each step. Execute commands and check results.
Step 1: Check CLI Installation
which goldsky && goldsky --version
Success: Path and version displayed (e.g., /usr/local/bin/goldsky and 13.2.0)
Not installed: Tell the user to run this in their terminal:
curl https://goldsky.com | sh
This requires sudo password entry. Use AskUserQuestion to confirm installation:
Question: "Please run this command in your terminal to install the Goldsky CLI:"
Code block: curl https://goldsky.com | sh
Options:
1. Label: "Done, it's installed"
Description: "I ran the command and the CLI is now installed"
2. Label: "I need help"
Description: "I encountered an error during installation"
After confirmation, verify with which goldsky && goldsky --version.
Step 2: Check Authentication Status
goldsky project list 2>&1
Already logged in: Output shows a table with project IDs and Names. Skip to Step 4.
Not logged in: Output contains Make sure to run 'goldsky login'. Continue to Step 3.
Step 3: Token-Based Login
Do NOT attempt interactive login. Always use token-based authentication.
Do NOT use AskUserQuestion for token input. Simply ask the user to paste their token directly in the chat:
You're not logged in. Please paste your API token:
(Need a token? Go to https://app.goldsky.com → Settings → API Tokens → Create Token)
Wait for the user to paste their token in their next message.
If user says they don't have a token or need help: Explain the steps:
- Go to https://app.goldsky.com
- Click Settings → API Tokens
- Click "Create Token" and give it a name
- Copy the token (it won't be shown again)
Then ask them to paste it.
Once user provides the token: Log them in:
goldsky login --token USER_PROVIDED_TOKEN
Step 4: Verify Login
ALWAYS verify after login:
goldsky project list
Success: Exit code 0, shows table with projects
Failure indicators:
Make sure to run 'goldsky login'still appearsinvalid tokenorunauthorized
If verification fails, ask user to generate a new token and repeat Step 3.
Completion Summary
After successful setup, provide a summary to the user:
## Setup Complete
**What was done:**
- ✓ Goldsky CLI installed (version X.X.X)
- ✓ Authenticated to Goldsky
- ✓ Connected to project: [project-name]
**Your available projects:**
[List projects from goldsky project list output]
**Next steps - try these skills:**
- `/secrets` - Set up credentials for pipeline sinks (PostgreSQL, ClickHouse, Kafka)
- Ask "create a pipeline" to start building data pipelines
- Ask "deploy a subgraph" to deploy a subgraph to Goldsky
Command Reference
| Command | Purpose | Key Flags |
| ------------------------------ | ------------------------------- | ----------------------- |
| goldsky login | Authenticate with Goldsky | --token for API token |
| goldsky logout | Remove local credentials | |
| goldsky project list | List all projects you belong to | |
| goldsky project create | Create a new project | --name (required) |
| goldsky project users list | List users in current project | |
| goldsky project users invite | Invite user to project | --emails, --role |
Common Patterns
Create a New Project
goldsky project create --name "my-new-project"
Invite Team Members
goldsky project users invite --emails [email protected] --role Editor
Available roles: Owner, Admin, Editor, Viewer
Switching accounts
goldsky logout
goldsky login
# MUST verify after: goldsky project list
Error Patterns
| Pattern | Meaning |
| ----------------------------------- | ----------------------------- |
| Make sure to run 'goldsky login' | Not authenticated |
| invalid token / unauthorized | Token is incorrect or expired |
| Permission denied / 403 | User lacks required role |
| token expired / session expired | Need to re-authenticate |
Troubleshooting
| Issue | Action |
| ----------------- | ------------------------------------------------------ |
| Not logged in | Prompt user for API token, use goldsky login --token |
| Invalid token | Ask user to generate a new token in dashboard |
| Permission denied | User needs role upgrade from project Owner/Admin |
| Session expired | Prompt for new token and re-authenticate |
Related
After authentication is complete, suggest next steps:
/turbo-builder— Build and deploy a new pipeline interactively/datasets— Find the right dataset for your use case/secrets— Set up credentials for pipeline sinks (PostgreSQL, ClickHouse, Kafka, etc.)
Related Skills
goldsky-io/turbo-pipelines
development
VerifiedTrustedCommunity
Turbo pipeline YAML reference and architecture guide. Covers: YAML field syntax (start_at, from, version, primary_key), source/transform/sink configuration, validation errors, resource sizing (xs–xxl), architecture decisions (dataset vs kafka, streaming vs job, fan-out vs fan-in, sink selection, pipeline splitting). Triggers on: 'what does field X do', 'what fields does a postgres sink need', 'what resource size', 'should I use kafka or dataset', 'how to structure my pipeline'. For writing transforms, use /turbo-transforms. For end-to-end building, use /turbo-builder.
2SKILL.mdUpdated Apr 17, 2026
goldsky-io/turbo-builder
tools
VerifiedTrustedCommunity
Build and deploy new Goldsky Turbo pipelines from scratch. Triggers on: 'build a pipeline', 'index X on Y chain', 'set up a pipeline', 'track transfers to postgres', or any request describing data to move from a chain/contract to a destination (postgres, mysql, clickhouse, kafka, pubsub, s3, sqs, webhook). Covers the full workflow: requirements → dataset selection → YAML generation → validation → deploy. Not for debugging (use /turbo-doctor) or syntax lookups (use /turbo-pipelines).
2SKILL.mdUpdated Apr 17, 2026
goldsky-io/turbo-transforms
development
VerifiedTrustedCommunity
Write SQL, TypeScript, and dynamic table transforms for Turbo pipelines. Covers: decoding EVM logs with _gs_log_decode, filtering/casting blockchain data, UNION ALL for combining events, TypeScript/WASM transforms (invoke function), dynamic lookup tables (dynamic_table_check), transform chaining, and Solana decoding. Triggers on: 'decode Transfer events', 'write a SQL transform', 'filter by contract', 'TypeScript transform', 'dynamic table', 'UNION ALL'. For pipeline YAML structure, use /turbo-pipelines. For end-to-end building, use /turbo-builder.
1SKILL.mdUpdated Apr 17, 2026
goldsky-io/secrets
tools
VerifiedTrustedCommunity
Use this skill when a user wants to store, manage, or work with Goldsky secrets — the named credential objects used by pipeline sinks. This includes: creating a new secret from a connection string or credentials, listing or inspecting existing secrets, updating or rotating credentials after a password change, and deleting secrets that are no longer needed. Trigger for any query where the user mentions 'goldsky secret', wants to securely store database credentials for a pipeline, or is working with sink authentication for PostgreSQL, Neon, Supabase, ClickHouse, Kafka, S3, Google Cloud Pub/Sub, Elasticsearch, DynamoDB, SQS, OpenSearch, or webhooks.
1SKILL.mdUpdated Apr 17, 2026