siwe
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The implementation follows EIP-4361 standards, utilizing cryptographically secure nonces and mandatory signature verification.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the iron-session package, which is a trusted, well-known library for encrypted cookie-based session management in the Node.js ecosystem.
- [COMMAND_EXECUTION]: The instructions include standard administrative commands for package management via yarn and secure secret generation using openssl.
- [CREDENTIALS_UNSAFE]: While the code contains a fallback secret for development environments, it incorporates a production-ready guard that throws an error if a secure IRON_SESSION_SECRET environment variable is not provided in a production setting.
Audit Metadata