email-and-password-best-practices

Provides secure email and password authentication practices using Better Auth, enhancing user verification and security measures.

Install this skill

82/100

Security score

The email-and-password-best-practices skill was audited on May 24, 2026 and we found 6 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 20

Template literal with variable interpolation in command context

SourceSKILL.md

20	text: `Click the link to verify your email: ${url}`,

medium line 78

Template literal with variable interpolation in command context

SourceSKILL.md

78	text: `Click the link to reset your password: ${url}`,

medium line 84

Template literal with variable interpolation in command context

SourceSKILL.md

84	console.log(`Password for user ${user.email} has been reset.`);

low line 56

External URL reference

SourceSKILL.md

56	callbackURL: "https://example.com/callback", // absolute URL with origin

low line 172

External URL reference

SourceSKILL.md

172	redirectTo: "https://example.com/reset-password",

low line 182

External URL reference

SourceSKILL.md

182	redirectTo: "https://example.com/reset-password",

Scanned on May 24, 2026

View Security Dashboard

Installation guide →

Rate this skill

Categorydevelopment

UpdatedJune 15, 2026

openclaw backend api backend-developer security-engineer devops-sre development

FabioFiorita/tastik