auth-security
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is primarily educational documentation and code templates. All analyzed files focus on implementing defense-in-depth strategies against common vulnerabilities like CSRF, XSS, and JWT-related attacks.
- [COMMAND_EXECUTION] (SAFE): No arbitrary command execution, shell spawning, or dangerous system calls were identified. The scripts use standard cryptographic and web library functions.
- [DATA_EXFILTRATION] (SAFE): No hardcoded secrets, sensitive file path access, or exfiltration logic were found. Network operations are limited to standard OIDC/OAuth discovery patterns (JWKS fetching).
- [REMOTE_CODE_EXECUTION] (SAFE): The skill does not perform remote script execution or download untrusted packages. It uses standard, reputable libraries like 'jose' for cryptographic operations.
Audit Metadata