moai-security-auth
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Technical review of the provided code samples for NextAuth.js and Passport.js confirms adherence to security best practices, including robust password hashing with bcrypt and secure session management with JWT.
- [SAFE]: No prompt injection attempts, obfuscated code, or hidden instructions were detected within the skill files or metadata.
- [SAFE]: External references and dependencies are limited to official documentation and well-known, trusted open-source repositories (e.g., OWASP, NIST, NextAuth.js, SimpleWebAuthn).
- [SAFE]: The skill correctly demonstrates defensive patterns such as rate limiting and account lockout to mitigate brute-force attacks.
- [SAFE]: No sensitive information or hardcoded credentials were found; implementation examples correctly use environment variables for secrets.
Audit Metadata