secure-auth
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: This is a documentation-only skill providing secure coding patterns for authentication and authorization tasks.
- [SAFE]: All database examples use parameterized queries (e.g., `db.query('... WHERE email = $1', [...])`) to prevent SQL injection.
- [SAFE]: Secrets and sensitive configuration are appropriately managed using environment variables (`process.env`) rather than being hardcoded.
- [SAFE]: The code implementations follow industry best practices, including password hashing with `bcrypt`, session regeneration to prevent fixation, `httpOnly` and `secure` cookie flags, and timing attack mitigation in credential checks.
Audit Metadata