Stats
Actions
Tags
From shuriken
Use when a user asks how to authenticate as an agent, create or rotate API credentials, or understand the lifecycle of agent keys on Shuriken.
How this skill is triggered — by the user, by Claude, or both
Slash command
/shuriken:agent-keysThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Agent keys are Shuriken's credential primitive for programmatic access. They authenticate a caller, carry a set of scopes defining what the caller can do, and are revocable without affecting the owning user's session.
Agent keys are Shuriken's credential primitive for programmatic access. They authenticate a caller, carry a set of scopes defining what the caller can do, and are revocable without affecting the owning user's session.
shuriken:scoping for how scopes are structured and how to reason about least-privilege.Authorization: Bearer <key> header on every request.An agent key belongs to a single Shuriken user. An integration holds that user's key (or the few keys that user has created for different purposes). There is no multi-tenant flow where an app mints keys on behalf of many users — every key is owned by the Shuriken account that created it.
https://docs.shuriken.trade/llms.txt and search for "agent keys"/v1/agent-keys/* — fetch https://docs.shuriken.trade/api-reference/openapi.json for current signaturesshuriken:scoping, shuriken:api-integrationnpx claudepluginhub shurikentrade/shuriken-skills --plugin shurikenUse when a user asks what an agent key can do, how Shuriken permissions work, or which scopes they need for a given integration.
Generates production checklists for AgentCore agents: IAM scoping, inbound auth (JWT/SigV4), secrets management, cold start optimization, session lifecycle, rate limiting, input validation, quotas.
Guides Bankr API and CLI security: read-only keys, IP whitelisting, rate limits, dedicated agent wallets, key rotation, and transaction safety.