better-auth
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill implements logic that processes untrusted external data (HTTP request headers and bodies) via authentication handlers.
  - Ingestion points: The `auth.handler(c.req.raw)` method in `references/cloudflare-worker-kysely.ts` and `references/nextjs/postgres-example.ts` ingests raw request data.
  - Boundary markers: Absent. There are no specific instructions provided to the agent to ignore instructions embedded within the user data processed by these handlers.
  - Capability inventory: The skill provides logic for session verification and database queries but does not include dangerous capabilities like arbitrary command execution or file system writes.
  - Sanitization: Relies on the internal validation and sanitization logic of the third-party `better-auth` library.
- [DATA_EXPOSURE & EXFILTRATION] (SAFE): Code examples correctly utilize environment variable bindings (e.g., `env.BETTER_AUTH_SECRET`) rather than hardcoding credentials. Database connection strings in documentation use generic placeholders.
- [REMOTE_CODE_EXECUTION] (SAFE): No patterns for remote script execution or piped downloads were detected. The skill references standard, well-known libraries in the TypeScript ecosystem.
Audit Metadata