integrate-better-auth

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill guides the installation of standard Node.js libraries and development tools from the official package registry.
  • Evidence: Installation commands in references/phase-2-install-commands.sh include better-auth, bcryptjs, drizzle-orm, and pg.
  • [COMMAND_EXECUTION]: The skill includes shell scripts to start the local development server and perform verification checks via curl.
  • Evidence: references/phase-5-verify-auth.sh executes pnpm dev and a local curl command to http://localhost:3000/api/auth/ok.
  • [CREDENTIALS_UNSAFE]: The skill provides an example environment configuration file that uses secure placeholders for sensitive secrets, following best practices for secret management.
  • Evidence: references/env/.env.example includes placeholders for database URLs and authentication secrets (e.g., <openssl rand -hex 32>) rather than hardcoded credentials.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 11:55 AM
Security Audit — agent-trust-hub — integrate-better-auth