fix(attribution): auth-web-cloudbase Skill 邮箱注册 API 流程说明不清晰 (issue_mnouau2z_bk9am7)

Author: CodeBuddy Attribution Bot

config/.claude/skills/auth-tool/SKILL.md

@@ -130,6 +130,7 @@ Parameter mapping for downstream Web auth code:
 - `queryAppAuth(action="getLoginConfig")` and `manageAppAuth(action="patchLoginStrategy")` return `sdkStyle: "supabase-like"` plus `sdkHints`; treat that as the preferred frontend-auth calling guide
 - `PhoneNumberLogin` controls phone OTP flows used by `auth-web` `auth.signInWithOtp({ phone })` and `auth.signUp({ phone })`
 - `EmailLogin` controls email OTP flows used by `auth-web` `auth.signInWithOtp({ email })` and `auth.signUp({ email })`
+- Email and phone signup complete through OTP verification. After `auth.signUp({ email|phone, ... })`, continue with the returned `verifyOtp({ token })`
 - `UserNameLogin` controls username/password Web auth flows used by `auth-web` `auth.signUp({ username, password })` and `auth.signInWithPassword({ username, password })`
 - If the account identifier is a plain username string, do not route it through email-only helpers such as `signInWithEmailAndPassword`
 - `UserNameLogin` also enables the broader password-login surface exposed by `auth.signInWithPassword({ username|email|phone, password })`
@@ -212,6 +213,7 @@ Email has two layers of configuration:
 - `ModifyLoginConfig.EmailLogin`: controls whether email/password login is enabled
 - `ModifyProvider(Id="email")`: controls the email sender channel and SMTP configuration
 - In Web auth code, this maps to `auth.signInWithOtp({ email })` and `auth.signUp({ email })`
+- `auth.signUp({ email })` is an email OTP registration step, not an `email + password` signup payload; finish the flow with `verifyOtp({ token })`
 
 Preferred MCP tool path: