Jeden Skill in Manus ausführen
mit einem Klick

Jeden Skill in Manus mit einem Klick ausführen

better-auth-security-best-practices

This skill provides guidance for implementing security features that span across Better Auth, including rate limiting, CSRF protection, session security, trusted origins, secret management, OAuth security, IP tracking, and security auditing. These topics are not covered in individual plugin skills.

In Manus ausführen

Sterne0

Forks0

Aktualisiert26. Februar 2026 um 03:10

Quelle

pohlai88

pohlai88/AFENDA-NEXUS

GitHub-Repository öffnen Creator-Repositorys ansehen

Installationsbefehl

Download

In Manus ausführen

Nützlich fürSOC

InformationssicherheitsanalystenInformatik- und Mathematikberufe15-1212L4

SKILL.md

readonly

Mehr aus diesem Repository

gleiches Repository

shadcn-ui-stitch

pohlai88/AFENDA-NEXUS

Google Labs shadcn/ui skill — component discovery via MCP, installation, customization, blocks. Use with shadcn MCP tools.

2026-03-010

next-best-practices

pohlai88/AFENDA-NEXUS

Next.js best practices - file conventions, RSC boundaries, data patterns, async APIs, metadata, error handling, route handlers, image/font optimization, bundling

2026-02-270

accessibility

pohlai88/AFENDA-NEXUS

Quality assurance for web accessibility and usability, particularly for users with disabilities. Use when involved in any web project.

2026-02-260

better-auth-best-practices

pohlai88/AFENDA-NEXUS

Skill for integrating Better Auth - the comprehensive TypeScript authentication framework.

2026-02-260

claw-release

pohlai88/AFENDA-NEXUS

Release automation for Claw skills and website. Guides through version bumping, tagging, and release verification.

2026-02-260

clawsec-clawhub-checker

pohlai88/AFENDA-NEXUS

ClawHub reputation checker for ClawSec suite. Enhances guarded skill installer with VirusTotal Code Insight reputation scores and additional safety checks.

2026-02-260

name	better-auth-security-best-practices
description	This skill provides guidance for implementing security features that span across Better Auth, including rate limiting, CSRF protection, session security, trusted origins, secret management, OAuth security, IP tracking, and security auditing. These topics are not covered in individual plugin skills.

better-auth-security-best-practices

Mehr aus diesem Repository

Mehr aus diesem Repository

Secret Management

Configuring the Secret

Secret Requirements

Rate Limiting

Default Configuration

Storage Options

Custom Storage

Per-Endpoint Rules

CSRF Protection

How CSRF Protection Works

Configuration

Fetch Metadata Blocking

Trusted Origins

Configuring Trusted Origins

Environment Variable

Wildcard Patterns

Dynamic Trusted Origins

What Gets Validated

Session Security

Session Expiration

Fresh Sessions for Sensitive Actions

Session Caching Strategies

Cookie Security

Default Cookie Settings

Custom Cookie Configuration

Per-Cookie Configuration

Cross-Subdomain Cookies

OAuth / Social Provider Security

PKCE (Proof Key for Code Exchange)

State Parameter Security

Encrypting OAuth Tokens

Skipping State Cookie Check

IP-Based Security

IP Address Configuration

IPv6 Subnet Configuration

Trusted Proxy Headers

Database Hooks for Security Auditing

Setting Up Audit Logging

Blocking Operations

Background Tasks for Timing Attack Prevention

Configuring Background Tasks

Account Enumeration Prevention

Built-in Protections

Additional Recommendations

Complete Security Configuration Example

Security Checklist

Secret Management

Configuring the Secret

Secret Requirements

Rate Limiting

Default Configuration

Storage Options

Custom Storage

Per-Endpoint Rules

CSRF Protection

How CSRF Protection Works

Configuration

Fetch Metadata Blocking

Trusted Origins

Configuring Trusted Origins

Environment Variable

Wildcard Patterns

Dynamic Trusted Origins

What Gets Validated

Session Security

Session Expiration

Fresh Sessions for Sensitive Actions

Session Caching Strategies

Cookie Security

Default Cookie Settings

Custom Cookie Configuration

Per-Cookie Configuration

Cross-Subdomain Cookies

OAuth / Social Provider Security

PKCE (Proof Key for Code Exchange)

State Parameter Security

Encrypting OAuth Tokens