electron-betterauth
Enables secure authentication in Electron apps using BetterAuth with OS-level token encryption and automatic token refresh.
Security score
The electron-betterauth skill was audited on Mar 8, 2026 and we found 24 security issues across 4 threat categories, including 6 high-severity. Review the findings below before installing.
Security Issues
Template literal with variable interpolation in command context
| Line | Code |
| --- | --- |
| 173 | return { success: false, error: `Encryption failed: ${error}` }; |
| 189 | return { success: false, error: `Decryption failed: ${error}` }; |
| 198 | return { success: false, error: `Delete failed: ${error}` }; |
| 207 | return { success: false, error: `Clear failed: ${error}` }; |
| 430 | context.headers.set("Authorization", `Bearer ${result.data}`); |
| 521 | throw new Error(`Failed to store tokens: ${tokenResult.error}`); |
| 661 | const response = await fetch(`${API_BASE_URL}/api/auth/refresh`, { |
| 695 | headers: { ...options.headers, Authorization: `Bearer ${accessToken}` }, |
| 706 | headers: { ...options.headers, Authorization: `Bearer ${newToken}` }, |
| 745 | const url = `${API_BASE_URL}${path}`; |
| 753 | ...(accessToken ? { Authorization: `Bearer ${accessToken}` } : {}), |

Access to system keychain/keyring
| Line | Code |
| --- | --- |
| 20 | multi-process architecture, BetterAuth's session model, and OS keychain services |
| 29 | - Storing tokens securely in a desktop app with OS keychain encryption |
| 54 | keychain |
| 66 | - NEVER sees raw encryption keys or OS keychain |
| 79 | - Owns safeStorage API (OS keychain access) |
| 165 | // 1. Encrypt with OS keychain |
| 213 | keychain but does NOT persist. `electron-store` persists but does NOT encrypt. |
| 483 | // 1. Check if OS keychain is available (Linux edge case) |
| 880 | `safeStorage.encryptString()` uses the OS keychain to encrypt a string, but it |
| 891 | gnome-keyring or KWallet. You must check availability before any auth operations |

Buffer.from base64 decode
| Line | Code |
| --- | --- |
| 185 | const encrypted = Buffer.from(base64, "base64"); |

External URL reference
| Line | Code |
| --- | --- |
| 415 | baseURL: "https://your-api.example.com", // Your API server |
| 643 | const API_BASE_URL = "https://your-api.example.com"; |
Install this skill with one command
/learn @ichabodcole/electron-betterauth