better-auth-best-practices
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill instructs the agent to run
npx @better-auth/cli@latest. This downloads and executes code from the npm registry. Since the@better-authorganization is not in the list of trusted sources, the safety of this external dependency cannot be verified. - COMMAND_EXECUTION (MEDIUM): Specific instructions are provided for
npx @better-auth/cli mcp --cursor. This command modifies the AI agent's environment by registering new Model Context Protocol (MCP) tools, which constitutes a persistent change to the agent's capabilities via an external, unverified script. - PROMPT_INJECTION (LOW): The instruction to 'Always consult better-auth.com/docs' directs the agent to fetch and follow external instructions from an unverified source. This creates an Indirect Prompt Injection surface where an attacker controlling the documentation could theoretically provide malicious instructions that the agent would follow as part of its 'integration' task.
Audit Metadata