better-auth-integration
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill manages potential indirect prompt injection by using Zod schemas (such as RegisterInputSchema in auth.schema.ts) as ingestion points for untrusted user data. These schemas serve as boundary markers and sanitization filters, enforcing strict regex and length constraints. The skill's capability inventory is limited to standard authentication and database operations via Better Auth and Drizzle ORM.
- [EXTERNAL_DOWNLOADS]: The skill includes a package.json script snippet that uses npx to download and run @better-auth/cli from the NPM registry. This is a standard and safe operation for generating the required database schema for the authentication library.
- [COMMAND_EXECUTION]: The provided better-auth:generate script executes a CLI tool to automate the creation of database schema files, ensuring alignment between the code-based auth configuration and the database layer.
- [SAFE]: Telemetry is disabled by default in the auth.utils.ts configuration, ensuring that usage metrics are not transmitted to external servers, thereby maintaining project privacy.
Audit Metadata