Auth0 React

Security checks across malware telemetry and agentic risk

Overview

This Auth0 React skill is mostly legitimate documentation, but it needs review because some setup and token-handling examples can change local/Auth0 configuration or expose bearer tokens too casually.

Install only if you are comfortable reviewing the setup commands before running them. Prefer a trusted package-manager install for the Auth0 CLI, confirm any Auth0 tenant/app creation before it happens, review .env changes without exposing existing secrets, remove the access-token console log, and keep token storage in memory unless you have a clear reason and strong XSS protections for localStorage.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (6)

Intent-Code Divergence

Medium

Confidence: 89% confidence
Finding: The document instructs the agent to obtain explicit user confirmation before writing to `.env`, but the provided automation scripts themselves perform the write unconditionally once invoked. In an agentic context, this mismatch is dangerous because an agent may treat the script as self-contained and execute it without preserving the required approval gate, causing unintended modification of a potentially sensitive file.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The documentation explicitly demonstrates `cacheLocation="localstorage"` together with `useRefreshTokens={true}` but does not warn that storing tokens in localStorage increases exposure to token theft if the application ever suffers XSS. In an authentication SDK reference, insecure-looking examples are likely to be copied verbatim into production, making the guidance materially risky even though it is documentation rather than executable code.

Credential Access

High

Category: Privilege Escalation
Content: // For OTP authenticators, you can skip challenge() and go straight to verify() const tokens = await mfa.verify({ mfaToken, otp }); // User is now authenticated — tokens are cached by the SDK console.log('MFA complete, access token:', tokens.access_token); } catch (err) { if (err instanceof MfaVerifyError) { setError('Invalid code. Please try again.');
Confidence: 98% confidence
Finding: access token

Credential Access

High

Category: Privilege Escalation
Content: AUTH0_DOMAIN=$(auth0 apps show "$APP_ID" --json | grep -o '"domain":"[^"]*' | cut -d'"' -f4) AUTH0_CLIENT_ID=$(auth0 apps show "$APP_ID" --json | grep -o '"client_id":"[^"]*' | cut -d'"' -f4) # Append Auth0 credentials to .env cat >> .env << EOF ${PREFIX}_DOMAIN=$AUTH0_DOMAIN ${PREFIX}_CLIENT_ID=$AUTH0_CLIENT_ID
Confidence: 94% confidence
Finding: .env

Credential Access

High

Category: Privilege Escalation
Content: AUTH0_CLIENT_ID=$(auth0 apps show "$APP_ID" --json | grep -o '"client_id":"[^"]*' | cut -d'"' -f4) # Append Auth0 credentials to .env cat >> .env << EOF ${PREFIX}_DOMAIN=$AUTH0_DOMAIN ${PREFIX}_CLIENT_ID=$AUTH0_CLIENT_ID EOF
Confidence: 94% confidence
Finding: .env

Credential Access

High

Category: Privilege Escalation
Content: @" ${prefix}_DOMAIN=$($appDetails.domain) ${prefix}_CLIENT_ID=$($appDetails.client_id) "@ | Out-File -FilePath .env -Encoding UTF8 -Append Write-Host "✅ Auth0 configuration complete!" Write-Host "Appended to .env:"
Confidence: 95% confidence
Finding: .env

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal