nestjs-security

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill promotes secure development practices by recommending modern cryptographic standards, such as Argon2id for password hashing and AES-256-GCM for encryption.
  • [SAFE]: It enforces strong authentication and authorization patterns, specifically advising the use of RS256 for JWT signatures and global 'deny-by-default' authentication guards.
  • [SAFE]: The implementation examples correctly demonstrate the use of well-known security libraries like Helmet for header hardening and Throttler for rate limiting.
  • [SAFE]: The skill provides explicit guidance on avoiding common vulnerabilities such as mass assignment (via ValidationPipe), sensitive data exposure (via ClassSerializerInterceptor), and CSRF.
  • [SAFE]: It properly advises against the use of hardcoded secrets and environment files for sensitive data, recommending the use of secure vault services instead.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 08:06 AM
Security Audit — agent-trust-hub — nestjs-security