oidc-hosted-page-react
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing well-known and legitimate libraries from the public npm registry:
oidc-client-ts,react-oidc-context, andreact-router-dom. - [CREDENTIALS_UNSAFE]: The implementation guide uses placeholders for sensitive configuration values (e.g.,
client_id) and explicitly instructs users to avoid storing Client Secrets in the front-end code, correctly advocating for the PKCE (Proof Key for Code Exchange) flow for Single Page Applications. - [SAFE]: All network references and documentation links point to the official vendor domain (
ssojet.com), which is consistent with the skill's stated purpose and authorship. - [SAFE]: No patterns of prompt injection, data exfiltration, obfuscation, or unauthorized command execution were detected in the provided files.
Audit Metadata