auth-provider
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFECREDENTIALS_UNSAFE
Full Analysis
- SAFE (INFO): The skill implements PKCE (Proof Key for Code Exchange) and state-based CSRF protection for all OAuth 2.0 provider adapters (Google, Slack, QuickBooks), mitigating common session and code interception attacks. Evidence found in src/providers/base.ts.
- SAFE (INFO): The CLI implementation explicitly filters sensitive credential values (access tokens, API secrets) from status and list command outputs to prevent accidental log leakage. Evidence found in src/cli.ts.
- CREDENTIALS_UNSAFE (LOW): The save-apikey command in src/cli.ts accepts sensitive keys and secrets as command-line flags, which can lead to these values being stored in plaintext in the user's shell history file.
- SAFE (LOW): Indirect Prompt Injection Surface: The skill retrieves untrusted data from external APIs (e.g., Slack, Google) and possesses capabilities such as sending messages or making arbitrary API requests. 1. Ingestion points: src/providers/slack.ts (listChannels, authTest), src/providers/google.ts (getUserProfile). 2. Boundary markers: Absent. 3. Capability inventory: src/providers/slack.ts (sendMessage), src/providers/binance.ts (request). 4. Sanitization: Absent; the skill passes raw API responses to the calling agent.
Audit Metadata