auth-implementation-patterns

Master authentication and authorization patterns to build secure, scalable access control systems for APIs and applications.

Install this skill

84/100

Security score

The auth-implementation-patterns skill was audited on Feb 28, 2026 and we found 12 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 345

Template literal with variable interpolation in command context

SourceSKILL.md

345	res.redirect(`${process.env.FRONTEND_URL}/auth/callback?token=${tokens.accessToken}`);

low line 74

Access to .env file

SourceSKILL.md

74	process.env.JWT_SECRET!,

low line 80

Access to .env file

SourceSKILL.md

80	process.env.JWT_REFRESH_SECRET!,

low line 90

Access to .env file

SourceSKILL.md

90	return jwt.verify(token, process.env.JWT_SECRET!) as JWTPayload;

low line 153

Access to .env file

SourceSKILL.md

153	process.env.JWT_REFRESH_SECRET!

low line 181

Access to .env file

SourceSKILL.md

181	process.env.JWT_SECRET!,

low line 231

Access to .env file

SourceSKILL.md

231	url: process.env.REDIS_URL,

low line 238

Access to .env file

SourceSKILL.md

238	secret: process.env.SESSION_SECRET!,

low line 242

Access to .env file

SourceSKILL.md

242	secure: process.env.NODE_ENV === 'production', // HTTPS only

low line 305

Access to .env file

SourceSKILL.md

305	clientID: process.env.GOOGLE_CLIENT_ID!,

low line 306

Access to .env file

SourceSKILL.md

306	clientSecret: process.env.GOOGLE_CLIENT_SECRET!,

low line 345

Access to .env file

SourceSKILL.md

345	res.redirect(`${process.env.FRONTEND_URL}/auth/callback?token=${tokens.accessToken}`);

Scanned on Feb 28, 2026

View Security Dashboard

Installation guide →

GitHub Stars 133

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

Microck/ordinary-claude-skills