workos-authkit-vanilla-js
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves implementation details from the official WorkOS GitHub repository (github.com/workos/authkit-js) which is a trusted vendor source.
- [SAFE]: The skill follows security best practices for client-side authentication. It correctly identifies that WorkOS API keys should not be used in the client-side SDK and limits environment variables to public client IDs. No malicious obfuscation, command execution, or data exfiltration patterns were found.
Audit Metadata