testing-api-authentication
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a technical reference for developers testing API authentication. It outlines standard procedures for environment variable management using .env.local, starting local servers with uvicorn, and executing diagnostic Python scripts. The inclusion of Clerk-specific configuration (RS256 algorithm, PEM public keys) and troubleshooting steps for common JWT validation issues (such as audience claim missing or token expiry) is consistent with legitimate software development practices. References to external Clerk service endpoints are used appropriately for fetching authentication configuration via JWKS. No signs of malicious intent, credential exfiltration, or unauthorized command execution were found.
Audit Metadata