Loading...
Loading...
Found 7 Skills
This skill provides guidance and enforcement rules for implementing secure email and password authentication using Better Auth.
Add email verification, password reset, and account management emails to Better Auth using Resend.
Implement secure JWT (JSON Web Token) authentication in Node.js applications with access/refresh tokens and role-based access control
Manage authentication and user operations in Supabase. Use for sign up, sign in, sign out, password resets, and user management.
Use when implementing password reset or change functionality in a Bknd application. Covers server-side password changes, building forgot-password flows with email tokens, and security considerations.
HTTP Host header injection and routing abuse playbook. Use when the application trusts the Host header for generating URLs, routing requests, or access control — enabling password reset poisoning, web cache poisoning, SSRF via routing, and virtual host bypass.
Test web applications for HTTP Host header injection vulnerabilities to identify password reset poisoning, web cache poisoning, SSRF, and virtual host routing manipulation risks.