session-management

Implements secure session management using JWT tokens and Redis for authentication systems, ensuring user session integrity and security.

Install this skill

80/100

Security score

The session-management skill was audited on May 12, 2026 and we found 8 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 42

Template literal with variable interpolation in command context

SourceSKILL.md

42	await client.hSet(`sessions:${userId}`, sessionId, JSON.stringify({

medium line 46

Template literal with variable interpolation in command context

SourceSKILL.md

46	await client.expire(`sessions:${userId}`, 86400 * 7);

medium line 51

Template literal with variable interpolation in command context

SourceSKILL.md

51	await client.del(`sessions:${userId}`);

low line 19

Access to .env file

SourceSKILL.md

19	process.env.JWT_SECRET,

low line 25

Access to .env file

SourceSKILL.md

25	process.env.REFRESH_SECRET,

low line 61

Access to .env file

SourceSKILL.md

61	secret: process.env.SESSION_SECRET,

low line 64

Access to .env file

SourceSKILL.md

64	secure: process.env.NODE_ENV === 'production',

low line 81

Access to .env file

SourceSKILL.md

81	const payload = jwt.verify(refreshToken, process.env.REFRESH_SECRET);

Scanned on May 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 73

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

frontend backend-developer devops-sre security-engineer redis development

secondsky/claude-skills