create-auth-skill
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a 'Planning Phase' that uses automated project scanning to detect frameworks and databases, followed by user-facing questions to confirm requirements before any changes are made.
- [CREDENTIALS_SAFE]: Instructions explicitly direct users to store sensitive information like secrets and API keys in environment variables. It provides a secure command for generating high-entropy secrets using OpenSSL.
- [EXTERNAL_DOWNLOADS]: The skill references official documentation and repositories from better-auth.com and GitHub. These are well-known resources for the framework being implemented.
- [COMMAND_EXECUTION]: The skill recommends standard package management commands (npm install) and framework-specific CLI tools (@better-auth/cli) for database migrations and schema generation, which is expected behavior for a scaffolding tool.
- [DATA_EXPOSURE]: While the skill scans project configuration files (e.g., package.json, prisma.schema), it does so locally to provide context-aware implementation steps and does not attempt to exfiltrate this data.
Audit Metadata