browser-auth-flow
// Probe a site's authentication flow for redirect leaks, missing CSRF, weak session cookies, and OAuth misconfiguration; produces an auth findings.md
| field | value |
| --- | --- |
| name | browser-auth-flow |
| description | Probe a site's authentication flow for redirect leaks, missing CSRF, weak session cookies, and OAuth misconfiguration; produces an auth findings.md |
| argument-hint | `<login-url> [--credentials <handle>] [--probes csrf,redirect,cookie,oauth]` |
| allowed-tools | `mcp__claude-flow__browser_open mcp__claude-flow__browser_close mcp__claude-flow__browser_fill mcp__claude-flow__browser_type mcp__claude-flow__browser_click mcp__claude-flow__browser_wait mcp__claude-flow__browser_eval mcp__claude-flow__browser_snapshot mcp__claude-flow__browser_get-url mcp__claude-flow__aidefence_has_pii mcp__claude-flow__aidefence_scan Bash Read Write` |
Adversarial probe of a site's authentication. Drives the login flow once, records the trajectory, then runs a configurable set of probes against the captured artifacts and live page. Output is a structured findings.md inside the RVF container.
Open a recorded session via browser-record.
Drive the auth flow as in browser-login (credentials come from `--credentials <handle>`, which references browser-cookies when the run is a re-auth probe).
Run probes:
- csrf: inspect the login POST in the trajectory; verify a same-origin token field is present and non-empty. A token that is a fixed string rather than per-session is as good as absent, so check that it is not a constant.
- redirect: watch browser_get-url after each navigation for cross-origin redirects that carry auth state in the query string or fragment. Flag any token-bearing URL that crosses an origin boundary; a fragment is not sent to the server, but any script on the receiving page can read it.
- cookie: walk document.cookie via browser_eval. document.cookie returns only the name=value pairs of cookies that are not HttpOnly, so a session cookie that shows up there is already a finding (missing HttpOnly), and it exposes no attributes at all: Secure, SameSite and expiry have to come from the Set-Cookie headers of the recorded responses (or from the Cookie Store API, where the browser supports it). For each cookie, check Secure, HttpOnly, SameSite, expiry, and the entropy of the value; flag missing flags or short tokens. Pass each value through aidefence_has_pii / aidefence_scan to flag PII embedded in cookie values.
- oauth: if the flow involves a third-party provider, capture the authorization request; verify state and nonce are present and high-entropy, and that redirect_uri is an exact match for the registered callback, not merely the registered domain (a domain-level match lets an open redirect elsewhere on that domain receive the code). For a public client, note whether PKCE (code_challenge) is sent.
Quarantine any token / credential / PII captured during probing: it stays inside the RVF container's findings and never returns to the model unredacted (the aidefence_is_safe gate from browser-extract applies if you read the findings back).
Write findings.md with one section per probe, severity rating per finding, and a verdict (pass / warn / fail).
Index the session in browser-sessions with tag: auth-probe so future audits compare against it.
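The four probes as offline checks over a recorded trajectory, as an added JavaScript example that is not part of the browser-auth-flow skill or of claude-flow. The trajectory shape (siteOrigin, loginPost, navigations, setCookie, registeredRedirectUri), the 64-bit entropy floor, the AUTH_PARAMS list and the `looksLikePii` regex standing in for aidefence_has_pii are all assumptions of the example, and the sample trajectory is constructed, not captured from a real site. Cookie flags are read from the recorded Set-Cookie headers rather than from document.cookie, which never shows them.

```javascript
// Added example, not the skill's own code: offline versions of the four probes run over a constructed
// trajectory; field names (siteOrigin, loginPost, navigations, setCookie, registeredRedirectUri) are assumed.
const SEVERITY = { low: 1, medium: 2, high: 3 };
const AUTH_PARAMS = ['token', 'access_token', 'id_token', 'code', 'session', 'sid'];
const MIN_TOKEN_BITS = 64; // assumed floor for a session token or OAuth state/nonce
const finding = (severity, detail) => ({ severity, detail });
// Shannon entropy of the whole value in bits; catches short or repetitive tokens.
function entropyBits(value) {
  const counts = new Map();
  for (const ch of value) counts.set(ch, (counts.get(ch) || 0) + 1);
  let perChar = 0;
  for (const n of counts.values()) perChar -= (n / value.length) * Math.log2(n / value.length);
  return perChar * value.length;
}
// csrf: the login POST must carry a present, non-empty anti-CSRF token field.
function probeCsrf(loginPost) {
  const token = loginPost.fields.csrf_token ?? loginPost.fields._token ?? '';
  return token === '' ? [finding('high', 'login POST carries no CSRF token field')] : [];
}
// redirect: any navigation off the site origin whose query or fragment carries auth state.
function probeRedirect(navigations, siteOrigin) {
  const out = [];
  for (const u of navigations.map((raw) => new URL(raw))) {
    if (u.origin === siteOrigin) continue;
    const params = new URLSearchParams(u.search + '&' + u.hash.replace(/^#/, ''));
    const leaked = [...params.keys()].filter((k) => AUTH_PARAMS.includes(k.toLowerCase()));
    if (leaked.length) out.push(finding('high', `${u.origin} received ${leaked.join(', ')} in the URL`));
  }
  return out;
}
// Minimal Set-Cookie parser; cookie and attribute values may themselves contain '='.
function parseSetCookie(header) {
  const kv = (s) => { const i = s.indexOf('='); return i < 0 ? [s, ''] : [s.slice(0, i), s.slice(i + 1)]; };
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const [name, value] = kv(pair);
  const c = { name, value, secure: false, httpOnly: false, sameSite: '', maxAge: null };
  for (const [k, v] of attrs.map(kv)) {
    const key = k.toLowerCase();
    if (key === 'secure') c.secure = true;
    else if (key === 'httponly') c.httpOnly = true;
    else if (key === 'samesite') c.sameSite = v.toLowerCase();
    else if (key === 'max-age') c.maxAge = Number(v);
  }
  return c;
}
// cookie: flags, lifetime, entropy and PII from the recorded Set-Cookie headers (document.cookie shows no
// flags). `looksLikePii` is a placeholder regex standing in for aidefence_has_pii, not the real tool.
function probeCookie(setCookieHeaders, looksLikePii = (v) => /@|\b\d{3}-\d{2}-\d{4}\b/.test(v)) {
  const out = [];
  for (const c of setCookieHeaders.map(parseSetCookie)) {
    if (!c.secure) out.push(finding('high', `${c.name}: missing Secure`));
    if (!c.httpOnly) out.push(finding('high', `${c.name}: missing HttpOnly`));
    if (!c.sameSite || c.sameSite === 'none') out.push(finding('medium', `${c.name}: SameSite is ${c.sameSite || 'unset'}`));
    if (c.maxAge !== null && c.maxAge > 30 * 86400) out.push(finding('low', `${c.name}: Max-Age of ${c.maxAge}s`));
    if (entropyBits(c.value) < MIN_TOKEN_BITS) out.push(finding('high', `${c.name}: ~${Math.round(entropyBits(c.value))} bits of entropy`));
    if (looksLikePii(c.value)) out.push(finding('medium', `${c.name}: value looks like PII`));
  }
  return out;
}
// oauth: state and nonce present and high-entropy; redirect_uri an exact match, not a domain match.
function probeOauth(authorizeUrl, registeredRedirectUri) {
  const out = [];
  const p = new URL(authorizeUrl).searchParams;
  for (const name of ['state', 'nonce']) {
    if (!p.get(name)) out.push(finding('high', `authorization request lacks ${name}`));
    else if (entropyBits(p.get(name)) < MIN_TOKEN_BITS) out.push(finding('medium', `${name} is low-entropy`));
  }
  if (p.get('redirect_uri') !== registeredRedirectUri) out.push(finding('high', 'redirect_uri is not the registered callback'));
  return out;
}
// pass / warn / fail, as findings.md records per probe section and overall.
function verdict(findings) {
  const worst = Math.max(0, ...findings.map((f) => SEVERITY[f.severity]));
  return worst >= SEVERITY.high ? 'fail' : worst > 0 ? 'warn' : 'pass';
}
// Run every probe over a trajectory: one findings list per probe, a verdict per probe and overall.
function runProbes(t) {
  const authorize = t.navigations.find((u) => new URL(u).searchParams.has('response_type'));
  const findings = {
    csrf: probeCsrf(t.loginPost),
    redirect: probeRedirect(t.navigations, t.siteOrigin),
    cookie: probeCookie(t.setCookie),
    oauth: authorize ? probeOauth(authorize, t.registeredRedirectUri) : [],
  };
  const verdicts = Object.fromEntries(Object.entries(findings).map(([k, v]) => [k, verdict(v)]));
  return { findings, verdicts, overall: verdict(Object.values(findings).flat()) };
}
// Constructed sample (no real site): a login POST with no CSRF field, a tracker that receives an
// access_token in the fragment, a weak session cookie, and a two-character OAuth state.
const SAMPLE_TRAJECTORY = {
  siteOrigin: 'https://app.example.test',
  loginPost: { url: 'https://app.example.test/login', fields: { user: 'alice', pass: '[redacted]' } },
  navigations: [
    'https://idp.example.test/authorize?response_type=code&client_id=app&state=ab' +
      '&nonce=9f3c2a71e0b4d6c8a1f5e7b2c4d6a8f0&redirect_uri=https%3A%2F%2Fapp.example.test%2Fcb',
    'https://metrics.example.test/collect#access_token=eyJhbGciOiJub25lIn0',
  ],
  setCookie: ['sid=12345; Path=/', 'prefs=alice@example.test; Secure; HttpOnly; SameSite=Lax; Max-Age=7776000'],
  registeredRedirectUri: 'https://app.example.test/cb',
};
console.log(JSON.stringify(runProbes(SAMPLE_TRAJECTORY), null, 2));
```

On the sample, csrf, redirect and cookie each come out `fail` and oauth `warn` (the idp's redirect_uri matches exactly, the state is two characters), so the overall verdict is `fail`. The entropy floor is deliberately crude: it scores the value's own character distribution, which is enough to catch `12345` and user-derived values but says nothing about how the server generated the token.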