moai-security-auth
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill content is purely educational, providing architectural patterns and code snippets for robust authentication systems. No malicious instructions or payload-carrying code were detected.
- [SAFE]: All code examples follow security best practices, such as using environment variables for secrets, implementing password hashing with salting (bcrypt), and employing rate limiting and session fingerprinting to prevent brute-force and hijacking attacks.
- [SAFE]: Referenced external dependencies consist entirely of well-known, industry-standard libraries (e.g., NextAuth.js, Passport.js, SimpleWebAuthn, ioredis). No suspicious or obfuscated packages were included.
- [SAFE]: Documentation links point to official specifications (W3C, IETF, RFCs) and established security organizations (OWASP, NIST), reinforcing the skill's legitimate purpose.
- [SAFE]: No evidence of prompt injection, data exfiltration, privilege escalation, or persistence mechanisms was found in the text or code blocks.
Audit Metadata