better-auth
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a shell script (scripts/setup-d1-drizzle.sh) and markdown setup commands (commands/setup.md) that automate directory creation, package installation, and Cloudflare D1 database operations.
- [EXTERNAL_DOWNLOADS]: Documentation and scripts instruct the download of several well-known authentication and ORM libraries from the public npm registry.
- [DATA_EXFILTRATION]: Reference implementations such as references/cloudflare-worker-drizzle.ts include code that logs sensitive verification tokens and URLs to the console, which may lead to exposure in production log environments.
- [PROMPT_INJECTION]: The skill handles untrusted user-controlled data which creates an indirect prompt injection surface. (1) Ingestion points: User-provided name and email fields during registration and social login in references/react-client-hooks.tsx. (2) Boundary markers: Absent in provided HTML email template examples. (3) Capability inventory: The skill performs database writes and triggers network-based email dispatch. (4) Sanitization: The reference code does not explicitly demonstrate input sanitization or output encoding for user-provided strings before they are interpolated into email templates or stored.
Audit Metadata