create-auth-skill
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as an instructional guide and scaffolding assistant for the Better Auth ecosystem. It uses structured questioning and project scanning to provide tailored configuration advice.
- [DATA_EXPOSURE]: The skill performs local environment scanning to detect frameworks and database configurations (e.g., checking for
package.jsonorprisma/schema.prisma). This is a standard functional requirement for developer tooling and does not involve unauthorized data exfiltration. - [CREDENTIALS_UNSAFE]: No hardcoded credentials were found. The skill correctly instructs users to manage sensitive information like
BETTER_AUTH_SECRETandDATABASE_URLvia environment variables, following security best practices. - [EXTERNAL_DOWNLOADS]: The skill references official documentation at
better-auth.comand standard installation commands for packages from the npm registry. These are well-known and trusted resources in the web development community. - [COMMAND_EXECUTION]: The provided commands (e.g.,
npx @better-auth/cli migrate) are standard CLI operations for the library being implemented. They are executed with user awareness as part of a confirmed implementation plan.
Audit Metadata