better-auth-python
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious behaviors or security vulnerabilities were identified in the skill files. The implementation uses standard libraries for JWT verification and database management.
- [Indirect Prompt Injection] (SAFE): Although the skill handles untrusted external data, it implements robust security controls.
- Ingestion points: JWT tokens are ingested from the Authorization header in templates/auth.py.
- Boundary markers: The skill uses jwt.decode with RSA signature verification against keys from a JWKS endpoint to establish trust.
- Capability inventory: The skill allows database interactions (CRUD) on user-owned resources via SQLModel and SQLAlchemy templates.
- Sanitization: All processed data is cryptographically signed and verified, preventing unauthorized instruction injection into the backend.