auth0-react-native
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides instructions for installing the official 'react-native-auth0' package via npm and npx, which is the expected SDK for the described functionality.
- [SAFE]: Instructions for configuring sensitive platform files (Info.plist, AndroidManifest.xml) and environment variables (.env) use generic placeholders and follow standard mobile development security patterns.
- [SAFE]: The code examples demonstrate secure authentication flows using the Auth0Provider and useAuth0 hooks, including the use of PKCE (Proof Key for Code Exchange) which is enabled by default in the SDK.
- [SAFE]: Security considerations in the documentation explicitly recommend using secure storage (Keychain/Keystore), HTTPS callbacks, and backend token validation.
- [SAFE]: Network operations described in the patterns guide involve standard API calls to user-defined endpoints using bearer tokens, which is the intended purpose of the authentication integration.
Audit Metadata