jwt-config-generator

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECREDENTIALS_UNSAFE

Full Analysis

[CREDENTIALS_UNSAFE]: The file output/jwt.ts includes hardcoded strings 'access-secret' and 'refresh-secret' as default values for cryptographic keys. These defaults pose a security risk if not explicitly overridden by secure environment variables in a deployed environment.

Audit Metadata

Risk Level

SAFE

Analyzed

Mar 10, 2026, 03:29 AM