create-auth-skill
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the installation of
better-authand related scoped packages (e.g.,@better-auth/passkey,@better-auth/cli) from the official NPM registry. These are legitimate libraries maintained by the skill author for the purpose of authentication. - [COMMAND_EXECUTION]: Provides instructions for running database migrations and schema generation using
npx @better-auth/cli. These commands are standard utility operations for the library and are only executed after user confirmation of the implementation plan. - [DATA_EXFILTRATION]: The skill scans local project files (e.g.,
package.json,prisma/schema.prisma) to auto-detect frameworks and databases. This data is used exclusively to populate configuration defaults within the agent's context and is not transmitted to external third-party servers. - [PROMPT_INJECTION]: No malicious instruction overrides or bypass patterns were detected. The skill uses structured Phase 1 'Planning' questions to define behavior rather than open-ended or unsafe interpolation.
- [SAFE]: Includes a comprehensive 'Security Checklist' advising users on best practices such as setting secure secrets, enabling CSRF protection, and configuring trusted origins.
Audit Metadata