Complete Better Auth documentation in markdown format. Use when implementing authentication in TypeScript projects - covers OAuth providers (Google, GitHub, etc.), email/password, passkeys, 2FA, session management, database adapters (Prisma, Drizzle), and framework integrations (Next.js, SvelteKit, etc.).
Security Analysis
high confidenceThis is an instruction-only documentation skill that contains Better Auth docs and the runtime instructions are coherent with that purpose (no credentials, no installs, no unexpected system access).
The skill's name/description (Better Auth documentation) matches what is packaged: a large set of markdown/mdx reference files under references/. It does not request unrelated binaries, credentials, or config paths. (Minor nit: the top-level name includes the typo "Batter" but the SKILL.md and files are clearly for "better-auth".)
SKILL.md explicitly instructs the agent to read files under references/ and answer questions about authentication implementation. It does not instruct the agent to read other system files, access environment variables, or transmit data externally. The documentation does include examples that reference running npx/CLI commands and external URLs (e.g., GitHub, better-auth.com, an MCP URL), but those are parts of the docs and not instructions for the agent to exfiltrate data. Be aware that following those example commands as a user will perform network actions.
No install spec and no code files to execute — this is instruction-only, which is the lowest-risk install posture. Nothing is downloaded or written by the skill itself.
The skill declares no required environment variables, no primary credential, and no config paths. The documented examples mention typical env vars used by Better Auth (e.g., GITHUB_CLIENT_ID) but those are part of the referenced documentation and not required by the skill itself.
The skill is not force-included (always:false) and does not request persistent privileges. Autonomous invocation (disable-model-invocation:false) is platform default and acceptable here; combined with the other factors there is no elevated privilege concern.
Guidance
This skill is a packaged copy of Better Auth documentation and is internally coherent. Before installing or using it, consider: 1) Source trust: the skill's source/homepage is unknown — if you need guarantees, prefer obtaining docs from the official project repo or website. 2) External commands/URLs in the docs: some examples call npx, CLI commands, or reference remote MCP/telemetry endpoints — do not run those commands or enable telemetry unless you trust the upstream project and understand the network interactions. 3) Telemetry: the docs describe an optional telemetry feature — ensure you do not enable telemetry or paste secrets when testing. If you require higher assurance, ask the publisher for the original upstream repository URL or a signed provenance record.
Latest Release
v1.4.18
- Initial release of the better-auth skill, providing comprehensive Better Auth documentation in markdown format. - Covers installation, authentication methods (OAuth, email/password, passkeys, magic links, 2FA), session management, database adapters (Prisma, Drizzle, etc.), and framework integrations (Next.js, SvelteKit, etc.). - Includes quick-reference tables and clear navigation for common authentication and integration tasks. - Documentation is organized by topic (introduction, authentication, adapters, concepts, plugins, integrations, examples, guides, and reference).
More by @leonaaardob
Published by @leonaaardob on ClawHub
