Design and implement authentication and authorization systems. Use when setting up user login, JWT tokens, OAuth, session management, or role-based access control. Handles password security, token management, SSO integration.
90
Does it follow best practices? 88%
Impact: 97% (1.19x average score across 3 eval scenarios)
Passed: no known issues
JWT token security and configuration

| Check | Result 1 | Result 2 |
|---|---|---|
| Access token expiry 15m | 100% | 100% |
| Refresh token expiry 7d+ | 100% | 100% |
| Secrets via env vars | 100% | 100% |
| .env.example provided | 100% | 100% |
| No sensitive payload data | 100% | 100% |
| Minimal payload fields | 100% | 100% |
| Issuer claim used | 0% | 100% |
| Audience claim used | 0% | 100% |
| Separate access/refresh secrets | 100% | 100% |
| Refresh token DB storage | 80% | 100% |
| No .env file committed | 100% | 100% |
Password security and user data model

| Check | Result 1 | Result 2 |
|---|---|---|
| Uses bcrypt library | 0% | 100% |
| Salt rounds >= 10 | 0% | 100% |
| No plaintext passwords stored | 100% | 100% |
| Min 8 char password rule | 100% | 100% |
| Complexity rules enforced | 100% | 100% |
| UUID primary key | 100% | 100% |
| password_hash nullable | 0% | 0% |
| Email index | 100% | 100% |
| RefreshToken table | 100% | 100% |
| Cascade delete on tokens | 100% | 100% |
| Duplicate email check | 100% | 100% |
| Password not in logs | 100% | 100% |
Auth middleware and role-based access control

| Check | Result 1 | Result 2 |
|---|---|---|
| Bearer token extraction | 88% | 100% |
| req.user populated | 100% | 100% |
| 401 for missing token | 100% | 100% |
| 401 for expired token | 75% | 100% |
| 403 for invalid token | 0% | 100% |
| requireRole middleware | 90% | 100% |
| 401 when unauthenticated in requireRole | 100% | 100% |
| 403 for wrong role | 100% | 100% |
| Rate limiting on login | 100% | 100% |
| CORS configured | 100% | 100% |
| CORS credentials enabled | 100% | 100% |
| Admin route protected | 100% | 100% |
c033769