jwt-validate

Installation

SKILL.md

JWT Validate

Verify a JWT's signature and validate its claims. Confirms the token is authentic, unexpired, and structurally sound.

Validation Order

Check in this order. Stop and report at the first failure.

1. Structure

Exactly 3 dot-separated parts, each valid base64url
Header and payload parse as valid JSON
Header contains alg; alg is not none (unless explicitly expected)

2. Claims

Related skills

More from jsonwebtoken/jwt-skills

jwt-decode
Decode and inspect JSON Web Tokens (JWTs) without verification. Use when the user provides a JWT string and wants to see its header, payload, or claims — e.g. "decode this JWT", "what's in this token", "inspect this JWT", "show me the claims", "parse this token". Also triggers on raw JWT strings (three base64url segments separated by dots).
155
jwt-encode
Create and sign JSON Web Tokens (JWTs) for testing and development. Use when the user wants to generate, create, build, or sign a JWT — e.g. "create a JWT", "generate a test token", "sign this payload", "make a JWT with these claims", "build an access token". Supports HMAC, RSA, and ECDSA algorithms.
129

Installs

124

Repository

jsonwebtoken/jwt-skills

GitHub Stars

4

First Seen

Apr 7, 2026

Security Audits

Gen Agent Trust HubPass