better-auth
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- PROMPT_INJECTION (MEDIUM): The skill implements adversarial directives to steer agent behavior and technical implementation.
  - Deceptive Framework Claims: In references/middleware.md, the skill incorrectly states that middleware.ts is deprecated and that proxy.ts is the recommended standard for 'Next.js 16'. This misinformation can lead to insecure deployments if an agent creates a configuration that the underlying framework does not execute.
  - Mandated Workflow: SKILL.md includes a 'MANDATORY' workflow section requiring the agent to use specific tools like TeamCreate and fuse-ai-pilot before any implementation, overriding the agent's autonomous planning.
- EXTERNAL_DOWNLOADS (LOW): The skill suggests installing various standard NPM packages (e.g., better-auth, siwe, prisma, drizzle-orm). While relevant, the high volume of dependencies increases the attack surface.
- COMMAND_EXECUTION (LOW): The guide instructs the agent to run CLI setup and migration commands (bun add, bunx @better-auth/cli, bunx prisma migrate).
Audit Metadata