authentication-setup
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows established security protocols by mandating the use of strong hashing algorithms (bcrypt, argon2) and prohibiting plaintext password storage.
- [SAFE]: Sensitive configuration is managed through environment variables with clear instructions to exclude secrets from version control (using .gitignore and .env.example).
- [SAFE]: All external libraries and resources referenced (jsonwebtoken, bcrypt, Passport.js, etc.) are standard, well-known tools from trusted industry sources.
- [SAFE]: The instructions incorporate critical security layers such as JWT revocation via refresh tokens stored in the database, rate limiting, and role-based access control (RBAC).
- [SAFE]: No obfuscation, data exfiltration patterns, or malicious prompt injection vectors were detected.
Audit Metadata