oauth-patterns

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements PKCE (Proof Key for Code Exchange) using standard cryptographic libraries for secure authentication in public clients.
  • [SAFE]: It utilizes CSRF protection by generating and validating a state parameter during the OAuth callback flow.
  • [SAFE]: Sensitive configuration values such as client secrets and session secrets are managed through environment variables, avoiding hardcoded credentials.
  • [SAFE]: Network operations are restricted to well-known and trusted identity providers (Google and GitHub).
  • [SAFE]: Session management uses signed JWTs with server-side validation and secure cookie attributes (httpOnly, secure, sameSite).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 22, 2026, 07:46 AM
Security Audit — agent-trust-hub — oauth-patterns