better-auth
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior or bypass safety guidelines were detected in the skill instructions or rules.
- [Data Exposure] (SAFE): Sample configuration files and setup commands contain standard placeholders for secrets and database URLs (e.g., 'your-secret'). These do not expose actual credentials.
- [External Downloads] (SAFE): Recommended dependencies such as 'better-auth' and 'drizzle-orm' are well-known, legitimate packages from the npm registry.
- [Indirect Prompt Injection] (SAFE): The skill provides templates for transactional emails (verification, invitation) that interpolate user-provided data. This is a standard authentication feature and is implemented in a low-risk, context-specific manner.
Audit Metadata