auth0

Implements Auth0 authentication in Next.js applications, enabling secure user management and role-based access control.

Security score: 65/100

The auth0 skill was audited on Feb 9, 2026 and we found 19 security issues across 4 threat categories. Review the findings below before installing.

Security Issues

medium line 187

Template literal with variable interpolation in command context

Source: SKILL.md:187
message: `Hello ${session?.user.name}`
medium line 209

Template literal with variable interpolation in command context

Source: SKILL.md:209
Authorization: `Bearer ${accessToken}`
medium line 241

Template literal with variable interpolation in command context

Source: SKILL.md:241
api.idToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles)
medium line 242

Template literal with variable interpolation in command context

Source: SKILL.md:242
api.accessToken.setCustomClaim(`${namespace}/roles`, event.authorization.roles)
low line 207

Fetch to external URL

Source: SKILL.md:207
const response = await fetch('https://api.example.com/data', {
low line 21

Access to .env file

Source: SKILL.md:21
# .env.local
low line 23

External URL reference

Source: SKILL.md:23
AUTH0_BASE_URL='http://localhost:3000'
low line 24

External URL reference

Source: SKILL.md:24
AUTH0_ISSUER_BASE_URL='https://your-tenant.auth0.com'
low line 34

External URL reference

Source: SKILL.md:34
2. Set Allowed Callback URLs: `http://localhost:3000/auth/callback`
low line 35

External URL reference

Source: SKILL.md:35
3. Set Allowed Logout URLs: `http://localhost:3000`
low line 36

External URL reference

Source: SKILL.md:36
4. Set Allowed Web Origins: `http://localhost:3000`
low line 207

External URL reference

Source: SKILL.md:207
const response = await fetch('https://api.example.com/data', {
low line 227

External URL reference

Source: SKILL.md:227
AUTH0_AUDIENCE='https://api.example.com'
low line 239

External URL reference

Source: SKILL.md:239
const namespace = 'https://myapp.com'
low line 256

External URL reference

Source: SKILL.md:256
return session.user['https://myapp.com/roles'] || []
low line 280

External URL reference

Source: SKILL.md:280
const roles = session?.user['https://myapp.com/roles'] || []
low line 301

External URL reference

Source: SKILL.md:301
audience: 'https://api.example.com',
low line 413

External URL reference

Source: SKILL.md:413
acr_values: 'http://schemas.openid.net/pape/policies/2007/06/multi-factor'
low line 432

External URL reference

Source: SKILL.md:432
picture: 'https://example.com/avatar.png'
Scanned on Feb 9, 2026