laravel-auth
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard Laravel 12 implementation patterns for authentication (Sanctum, Passport, Fortify) and authorization (Gates, Policies).
- [SAFE]: Emphasizes critical security rules such as mandatory password hashing using
Hash::make(), session regeneration after login, and the use of HTTPS in production. - [SAFE]: Incorporates CSRF protection guidelines and explains the importance of tokens in state-changing requests.
- [SAFE]: Provides templates for secure password reset flows, email verification, and two-factor authentication (2FA).
- [SAFE]: Adheres to the principle of least privilege by recommending token abilities (scopes) for API authentication.
Audit Metadata