auth
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [Secure Dependency Integration]: The skill facilitates the installation of official authentication SDKs from established services, including @clerk/nextjs, @descope/nextjs-sdk, and @auth0/nextjs-auth0. Using these well-known libraries is a standard and secure practice for implementing robust identity management.
- [Credential Management Best Practices]: Instructions for configuring sensitive keys (e.g., CLERK_SECRET_KEY, AUTH0_SECRET) use appropriate placeholders and emphasize the use of Vercel's Marketplace for automated secret provisioning. This approach helps prevent the accidental hardcoding or exposure of credentials.
- [Security Alignment Validation]: The skill includes validation patterns to identify manual Vercel OAuth setups and recommends migrating to OIDC-based identity providers. This proactive guidance assists developers in moving toward more modern and secure authentication architectures.
Audit Metadata