Does this skill handle JWT implementation?

Yes, it provides patterns for token verification, signature validation, and secure expiration handling to ensure stateless authentication is handled correctly.

Is this skill suitable for multi-factor authentication (MFA)?

The skill includes implementation patterns for MFA and industry-standard password hashing to strengthen user account security.

Can it help with OAuth2 and OIDC flows?

It assists in implementing complex OAuth2 and OpenID Connect flows, including Authorization Code with PKCE and secure token refresh mechanisms.

Does it cover common session vulnerabilities?

Yes, it includes guidance on secure session handling, timeout configurations, and specific strategies to prevent session fixation and hijacking.

Authentication & Session Security

Name: Authentication & Session Security
Author: Agentient

byAgentient

セキュリティとテスト

Secures applications by implementing JWT validation, OAuth2 flows, and robust session management patterns.

概要

This skill provides Claude with specialized knowledge for implementing secure authentication and session handling within software projects. It guides developers through complex security protocols like OAuth2/OIDC (including PKCE), helps implement industry-standard password hashing, and ensures JWTs are correctly validated and signed. By proactively identifying common vulnerabilities like session fixation or insecure token storage, this skill helps build resilient, production-ready security architectures that protect sensitive user data.

主な機能

OAuth2 and OIDC authorization flow implementation
MFA and password hashing best practices
JWT verification, expiration, and signature validation
Secure session management and timeout configuration
Session fixation and CSRF prevention strategies
0 GitHub stars

ユースケース

Implementing social login or Single Sign-On (SSO) using OAuth2
Securing REST or GraphQL APIs with JWT-based authentication
Auditing existing session management code for security vulnerabilities

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add agentient/vibekit authentication-session-security

For use in Claude.ai and ChatGPT

Download Skill

GitHub

概要