oidc-integration
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions consistently advocate for secure implementation patterns, including the use of Authorization Code Flow with PKCE for public clients and validating critical token claims such as issuer, audience, and signature.
- [SAFE]: No hardcoded credentials or sensitive data exposure patterns were found. The use of environment variable placeholders (e.g., VITE_OIDC_CLIENT_ID) follows standard development best practices.
- [SAFE]: The recommended libraries and frameworks, such as oidc-client-ts, react-oidc-context, and Spring Security, are well-known, industry-standard tools for authentication and authorization.
Audit Metadata