fusionauth
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard integration patterns for FusionAuth using the official TypeScript SDK.
- [SAFE]: Includes proactive security guidance in 'references/gotchas.md', advising against exposing API keys in client-side code and preventing account enumeration.
- [SAFE]: Webhook handling implementation in 'assets/webhook-handler.ts' correctly uses HMAC signature verification with timing-safe comparison to prevent forgery and timing attacks.
Audit Metadata