nestjs-security
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill promotes secure development practices by recommending modern cryptographic standards, such as Argon2id for password hashing and AES-256-GCM for encryption.
- [SAFE]: It enforces strong authentication and authorization patterns, specifically advising the use of RS256 for JWT signatures and global 'deny-by-default' authentication guards.
- [SAFE]: The implementation examples correctly demonstrate the use of well-known security libraries like Helmet for header hardening and Throttler for rate limiting.
- [SAFE]: The skill provides explicit guidance on avoiding common vulnerabilities such as mass assignment (via ValidationPipe), sensitive data exposure (via ClassSerializerInterceptor), and CSRF.
- [SAFE]: It properly advises against the use of hardcoded secrets and environment files for sensitive data, recommending the use of secure vault services instead.
Audit Metadata