authentication-authorization-nestjs

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill acts as a security-focused guide, promoting secure coding practices for authentication and authorization.
  • [SAFE]: It correctly identifies and provides remediations for common vulnerabilities:
      • Insecure Direct Object Reference (IDOR): Warns against trusting user-supplied IDs in request bodies and recommends using IDs extracted from validated JWTs.
      • Cross-Site Scripting (XSS): Identifies the risks of localStorage for token storage and recommends HTTP-only cookies.
      • Information Disclosure: Recommends generic error messages to prevent user enumeration.
  • [SAFE]: The skill references first-party or context-appropriate packages such as @eridu/auth-sdk and @eridu/api-types for implementation, which is consistent with the described 'Eridu Services' monorepo context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 31, 2026, 02:03 PM