auth-implementation-patterns
Fail
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE]: The skill provides high-quality educational patterns for secure system design and does not contain executable malicious code or instructions.- [SAFE]: Follows security best practices by utilizing bcrypt with recommended salt rounds for password hashing and environment variables for managing sensitive secrets like JWT and session keys.- [SAFE]: Implements robust defensive measures including input validation via Zod, rate limiting for authentication endpoints, and secure session cookie configurations (httpOnly, secure, sameSite).- [SAFE]: Automated scanner alerts regarding 'profile.ph' are identified as false positives, likely triggered by the substring 'profile.ph' within the legitimate JavaScript property access 'profile.photos'.- [SAFE]: No evidence of data exfiltration, prompt injection, or unauthorized command execution was found in the skill content.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata