Does this skill handle JWT implementation?

Yes, it provides patterns for token verification, signature validation, and secure expiration handling to ensure stateless authentication is handled correctly.

Is this skill suitable for multi-factor authentication (MFA)?

The skill includes implementation patterns for MFA and industry-standard password hashing to strengthen user account security.

Can it help with OAuth2 and OIDC flows?

It assists in implementing complex OAuth2 and OpenID Connect flows, including Authorization Code with PKCE and secure token refresh mechanisms.

Does it cover common session vulnerabilities?

Yes, it includes guidance on secure session handling, timeout configurations, and specific strategies to prevent session fixation and hijacking.

Authentication & Session Security

Name: Authentication & Session Security
Author: Agentient

byAgentient

0•

Security & Testing

Secures applications by implementing JWT validation, OAuth2 flows, and robust session management patterns.

This skill provides Claude with specialized knowledge for implementing secure authentication and session handling within software projects. It guides developers through complex security protocols like OAuth2/OIDC (including PKCE), helps implement industry-standard password hashing, and ensures JWTs are correctly validated and signed. By proactively identifying common vulnerabilities like session fixation or insecure token storage, this skill helps build resilient, production-ready security architectures that protect sensitive user data.

Key Features

01OAuth2 and OIDC authorization flow implementation

02MFA and password hashing best practices

03JWT verification, expiration, and signature validation

04Secure session management and timeout configuration

05Session fixation and CSRF prevention strategies

060 GitHub stars

Use Cases

01Implementing social login or Single Sign-On (SSO) using OAuth2

02Securing REST or GraphQL APIs with JWT-based authentication

03Auditing existing session management code for security vulnerabilities

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add agentient/vibekit authentication-session-security

For use in Claude.ai and ChatGPT

Key Features

01OAuth2 and OIDC authorization flow implementation

02MFA and password hashing best practices

03JWT verification, expiration, and signature validation

04Secure session management and timeout configuration

05Session fixation and CSRF prevention strategies

060 GitHub stars

Use Cases

01Implementing social login or Single Sign-On (SSO) using OAuth2

02Securing REST or GraphQL APIs with JWT-based authentication

03Auditing existing session management code for security vulnerabilities

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add agentient/vibekit authentication-session-security

For use in Claude.ai and ChatGPT