oauth-implementation
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a reference for secure authentication implementation, providing code templates for OAuth 2.0 and OpenID Connect.
- [SAFE]: All sensitive data fields in the code snippets, such as client secrets and private keys, use explicit placeholders like 'your-client-secret' or are retrieved from configuration objects.
- [SAFE]: The implementation examples follow industry security standards, specifically advocating for the use of PKCE (Proof Key for Code Exchange) and strict validation of the 'state' parameter to prevent CSRF.
- [SAFE]: Referenced external endpoints for discovery and metadata are either established services (Google) or clearly marked as example domains (example.com).
- [SAFE]: No malicious patterns, obfuscation, or unauthorized network operations were identified.
Audit Metadata