Batter Auth Complete Documentation
v1.4.18Complete Better Auth documentation in markdown format. Use when implementing authentication in TypeScript projects - covers OAuth providers (Google, GitHub, etc.), email/password, passkeys, 2FA, session management, database adapters (Prisma, Drizzle), and framework integrations (Next.js, SvelteKit, etc.).
⭐ 1· 1.5k·3 current·3 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name/description (Better Auth documentation) matches what is packaged: a large set of markdown/mdx reference files under references/. It does not request unrelated binaries, credentials, or config paths. (Minor nit: the top-level name includes the typo "Batter" but the SKILL.md and files are clearly for "better-auth".)
Instruction Scope
SKILL.md explicitly instructs the agent to read files under references/ and answer questions about authentication implementation. It does not instruct the agent to read other system files, access environment variables, or transmit data externally. The documentation does include examples that reference running npx/CLI commands and external URLs (e.g., GitHub, better-auth.com, an MCP URL), but those are parts of the docs and not instructions for the agent to exfiltrate data. Be aware that following those example commands as a user will perform network actions.
Install Mechanism
No install spec and no code files to execute — this is instruction-only, which is the lowest-risk install posture. Nothing is downloaded or written by the skill itself.
Credentials
The skill declares no required environment variables, no primary credential, and no config paths. The documented examples mention typical env vars used by Better Auth (e.g., GITHUB_CLIENT_ID) but those are part of the referenced documentation and not required by the skill itself.
Persistence & Privilege
The skill is not force-included (always:false) and does not request persistent privileges. Autonomous invocation (disable-model-invocation:false) is platform default and acceptable here; combined with the other factors there is no elevated privilege concern.
Assessment
This skill is a packaged copy of Better Auth documentation and is internally coherent. Before installing or using it, consider: 1) Source trust: the skill's source/homepage is unknown — if you need guarantees, prefer obtaining docs from the official project repo or website. 2) External commands/URLs in the docs: some examples call npx, CLI commands, or reference remote MCP/telemetry endpoints — do not run those commands or enable telemetry unless you trust the upstream project and understand the network interactions. 3) Telemetry: the docs describe an optional telemetry feature — ensure you do not enable telemetry or paste secrets when testing. If you require higher assurance, ask the publisher for the original upstream repository URL or a signed provenance record.Like a lobster shell, security has layers — review code before you run it.
2favk973zrj4v7bweb44mspyyj1bwd80m9gpauthenticationvk973zrj4v7bweb44mspyyj1bwd80m9gpbetter-authvk973zrj4v7bweb44mspyyj1bwd80m9gpdocumentationvk973zrj4v7bweb44mspyyj1bwd80m9gpdrizzlevk973zrj4v7bweb44mspyyj1bwd80m9gplatestvk973zrj4v7bweb44mspyyj1bwd80m9gpnextjsvk973zrj4v7bweb44mspyyj1bwd80m9gpoauthvk973zrj4v7bweb44mspyyj1bwd80m9gppasskeysvk973zrj4v7bweb44mspyyj1bwd80m9gpprismavk973zrj4v7bweb44mspyyj1bwd80m9gptypescriptvk973zrj4v7bweb44mspyyj1bwd80m9gp
License
MIT-0
Free to use, modify, and redistribute. No attribution required.