validating-authentication-implementations

# Authentication Validator

This skill provides automated assistance for authentication validator tasks.

## Overview

This skill allows Claude to assess the security of authentication mechanisms in a system or application. It provides a detailed report highlighting potential vulnerabilities and offering recommendations for improvement based on established security principles.

## How It Works

1. **Initiate Validation**: Upon receiving a trigger phrase, the skill activates the `authentication-validator` plugin.
2. **Analyze Authentication Methods**: The plugin examines the implemented authentication methods, such as JWT, OAuth, session-based, or API keys.
3. **Generate Security Report**: The plugin generates a comprehensive report outlining potential vulnerabilities and recommended fixes related to password security, session management, token security (JWT), multi-factor authentication, and account security.

## When to Use This Skill

This skill activates when you need to:
- Assess the security of an application's authentication implementation.
- Identify vulnerabilities in password policies and session management.
- Evaluate the security of JWT tokens and MFA implementation.
- Ensure compliance with security best practices and industry standards.

## Examples

### Example 1: Assessing JWT Security

User request: "validate authentication for jwt implementation"

The skill will:
1. Activate the `authentication-validator` plugin.
2. Analyze the JWT implementation, checking for strong signing algorithms, proper expiration claims, and audience/issuer validation.
3. Generate a report highlighting any vulnerabilities and recommending best practices for JWT security.

### Example 2: Checking Session Security

User request: "authcheck session cookies"

The skill will:
1. Activate the `authentication-validator` plugin.
2. Analyze the session cookie settings, including HttpOnly, Secure, and SameSite attributes.
3. Generate a report outlining any potential session fixation o