nextjs-supabase-auth
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Unverifiable Dependencies] (LOW): References @supabase/ssr, which is a library from a trusted organization (Supabase). Per [TRUST-SCOPE-RULE], this is considered low risk.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded secrets or unauthorized data access. The use of public environment variables for the Supabase URL and Anon Key follows the service's intended security model.
- [Indirect Prompt Injection] (LOW): The skill handles user-provided data during authentication flows, but lacks dangerous capabilities like shell access or arbitrary file writes, making the surface low risk.
- [Command Execution] (SAFE): No shell commands, subprocess spawning, or arbitrary code execution patterns were found.
Audit Metadata