better-auth-v2
Fail
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: HIGHDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: Automated security scanners identified phishing-related URLs within the skill's documentation and implementation examples.
- Evidence: The URLs "https://username.github.io/ai-humanoid-robotics" and "https://username.github.io" were flagged as malicious by URLite scans.
- [DATA_EXFILTRATION]: The skill's defined workflow involves requesting sensitive database connection strings and authentication credentials directly from the user.
- Evidence: Section 2 of the step-by-step execution in SKILL.md specifies that the agent should ask for connection strings and credentials if a database is detected.
- [DATA_EXFILTRATION]: The skill implements an onboarding flow that collects extensive hardware telemetry, including CPU, GPU, and RAM specifications, which is stored in a user metadata table.
- Evidence: Step 5 of the execution flow in SKILL.md describes a multi-step form to collect and store detailed hardware information for personalization purposes.
Recommendations
- AI detected serious security threats
- Contains 2 malicious URL(s) - DO NOT USE
Audit Metadata