auth
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides educational content and code templates for authentication and authorization.
- [SAFE]: Code snippets use placeholders (e.g., CLIENT_ID, PRIVATE_KEY) and example domains (example.com), avoiding credential exposure.
- [SAFE]: Recommended libraries (argon2, bcrypt, jsonwebtoken, otplib, qrcode, ioredis) are industry standards for the described tasks.
- [SAFE]: Includes explicit warnings against common security pitfalls like timing attacks, open redirects, and JWT algorithm confusion.
- [SAFE]: Provides clear guidance on when to escalate to senior software engineers for review of sensitive components (e.g., password hashing, MFA setup, production deployments).
Audit Metadata