Name: auth0-mfa
Rating: 0.828 (1 reviews)
Author: auth0

auth0-mfa

Use when adding multi-factor authentication (MFA/2FA) or requiring additional verification for sensitive operations - covers step-up auth, adaptive MFA, and risk-based authentication with Auth0

Install with Tessl CLI

npx tessl i github:auth0/agent-skills --skill auth0-mfa

What are skills?

1.42x

Review — 73%

Does it follow best practices?

If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:

npx tessl skill review --optimize ./path/to/skill

Learn more

Evaluation — 98%

↑ 1.42x

Agent success when using this skill

Validation — 11 / 11 Passed

Validation for skill structure

SKILL.md

Review

Evals

Evaluation results

100%

20%

Protect Sensitive User Actions with Step-Up Authentication in React

React step-up auth hook

Criteria

Without context

With context

Correct acr_values URL

100%

AMR claim check

100%

max_age: 0 used

100%

Silent step-up first

100%

cacheMode off

100%

Fallback to loginWithRedirect

100%

Returns false on redirect

100%

Auth0 React package

100%

Verification state tracking

100%

Reusable hook structure

100%

Without context: $0.2793 · 1m 37s · 15 turns · 18 in / 5,458 out tokens

With context: $0.4779 · 1m 30s · 22 turns · 2,201 in / 4,896 out tokens

100%

45%

Build a Secure Transaction API with MFA Enforcement

Node.js backend MFA validation

Criteria

Without context

With context

express-jwt package

100%

jwks-rsa integration

100%

RS256 algorithm

100%

JWKS URI pattern

50%

100%

AUTH0_AUDIENCE env var

100%

Backend amr claim check

100%

403 mfa_required response

50%

100%

Middleware separation

100%

Threshold-based MFA

100%

Backend-only enforcement

100%

jwks cache/rateLimit

100%

Without context: $0.4867 · 2m 1s · 24 turns · 29 in / 7,324 out tokens

With context: $0.7068 · 2m 24s · 33 turns · 2,212 in / 7,818 out tokens

94%

22%

Implement Risk-Based MFA with Auth0 Actions

Adaptive MFA Auth0 Action

Criteria

Without context

With context

api.multifactor.enable usage

100%

MFA already-completed check

50%

Admin role risk signal

100%

Geolocation risk signal

100%

allowRememberBrowser: false for admins

100%

allowRememberBrowser: true for lower-risk

100%

Post-login trigger

100%

Correct event.authentication path

100%

Deploy instructions

100%

No unnecessary early exits

50%

100%

Without context: $0.3305 · 1m 28s · 18 turns · 25 in / 4,685 out tokens

With context: $0.4537 · 1m 33s · 23 turns · 2,203 in / 4,481 out tokens

Evaluated: 3 days ago
Agent: Claude Code
Model: Unknown

Table of Contents

Protect Sensitive User Actions with Step-Up Authentication in React Build a Secure Transaction API with MFA Enforcement Implement Risk-Based MFA with Auth0 Actions

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.