The Agent Skills Directory

[SAFE]: The skill acts as an educational resource providing secure-by-default boilerplate code for common authentication and authorization scenarios.\n- [SAFE]: Implementation patterns correctly manage sensitive information, such as JWT secrets and OAuth client credentials, by referencing environment variables (process.env) rather than using hardcoded secrets.\n- [SAFE]: The content actively promotes and demonstrates defensive security measures, including bcrypt for secure password hashing, Zod for input validation, and secure session management flags (httpOnly, sameSite, secure).\n- [SAFE]: All identified third-party dependencies are well-known, legitimate Node.js packages commonly used for web security and application development.\n- [SAFE]: No evidence of prompt injection, data exfiltration, obfuscation, or unauthorized command execution was found within the skill instructions or code snippets.

auth-implementation-patterns