better-auth-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of markdown documentation and configuration instructions. It does not contain any executable scripts (.py, .js, .sh) or automation logic that could be run on a host system.
- [EXTERNAL_DOWNLOADS] (LOW): The guide references the use of the
@better-auth/clipackage vianpx. While this involves downloading code from the npm registry, it is standard behavior for the described framework and is presented as a manual step for the developer. - [COMMAND_EXECUTION] (LOW): The markdown lists various CLI commands (migrate, generate, mcp). These are informational references for the AI to provide to a user and are not executed automatically by the skill.
- [CREDENTIALS_SAFE] (SAFE): The skill correctly identifies sensitive environment variables like
BETTER_AUTH_SECRETbut provides instructions on how to generate them securely (using openssl) rather than including hardcoded secrets.
Audit Metadata