better-auth
Warn
Audited by Snyk on Mar 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). I flagged the npx invocations because they fetch and execute remote npm package code at runtime which the skill requires for schema generation/migration and codemods — specifically: npx @better-auth/cli generate (https://www.npmjs.com/package/@better-auth/cli) and npx @next/codemod@latest middleware-to-proxy . (https://www.npmjs.com/package/@next/codemod).
Audit Metadata