better-auth
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documentation correctly identifies that better-auth v1.4.0+ is ESM-only and provides clear migration paths for users.
- [SAFE]: It emphasizes the use of platform-native secret management (e.g.,
wrangler secret put) instead of hardcoding sensitive credentials. - [SAFE]: External links point to official documentation and well-known repositories (GitHub, Drizzle ORM, Kysely).
- [SAFE]: The included scripts are utility tools for local development and configuration validation with no malicious intent.
- [SAFE]: The skill provides explicit guidance on avoiding common pitfalls, such as the non-existent d1Adapter, and suggests secure alternatives like Drizzle or Kysely for Cloudflare D1 integration.
Audit Metadata