better-auth-best-practices
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (HIGH): The skill instructs the agent to run
npx @better-auth/cli@latest. This command downloads and executes code from the npm registry at runtime. Since the@better-authorganization is not on the list of Trusted External Sources, this pattern is flagged as high risk for remote code execution via an unverified third-party dependency. - Indirect Prompt Injection (HIGH): The skill creates a high-capability attack surface by suggesting the use of
npxcommands and MCP tools while processing user-controlled project files (e.g.,auth.ts,package.json). An attacker could place malicious instructions in these files that the agent might follow when attempting to 'integrate' the framework. Ingestion points: readingauth.tsand project directories. Boundary markers: None specified in instructions. Capability inventory: subprocess execution vianpxandopenssl. Sanitization: None specified. - Command Execution (LOW): Recommends local execution of
opensslfor secret generation. This is a legitimate use of a system utility but constitutes command execution capability.
Recommendations
- AI detected serious security threats
Audit Metadata