auth-cognito
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate code snippets and architecture patterns for implementing authentication using industry-standard libraries like oidc-client-ts and jose.
- [SAFE]: Hardcoded secrets are avoided; placeholders (e.g., GOCSPX-xxxxx) or SST secret management patterns are used instead.
- [SAFE]: Token storage recommendations prioritize security by advising against the use of localStorage to mitigate XSS risks.
- [SAFE]: The implementation of Authorization Code Flow with PKCE is a recommended security practice for Single Page Applications (SPAs).
Audit Metadata