About
This skill provides modern authentication implementation patterns including passwordless options (FIDO2/WebAuthn/Passkeys) and MFA. It covers OAuth 2.1, session management, and security features for Next.js and Express.js applications. Use it when implementing enterprise-grade authentication with current security standards.
Quick Install
Claude Code
Recommendednpx skills add mattnigh/skills_collection -a claude-code/plugin add https://github.com/mattnigh/skills_collectiongit clone https://github.com/mattnigh/skills_collection.git ~/.claude/skills/moai-security-authCopy and paste this command in Claude Code to install this skill
GitHub Repository
Frequently asked questions
What is the moai-security-auth skill?
moai-security-auth is a Claude Skill by mattnigh. Skills package instructions and resources that Claude loads on demand, so Claude can perform moai-security-auth-related tasks without extra prompting.
How do I install moai-security-auth?
Use the install commands on this page: add moai-security-auth to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.
What category does moai-security-auth belong to?
moai-security-auth is in the Security category, tagged ai.
Is moai-security-auth free to use?
Yes. moai-security-auth is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.
Related Skills
This skill implements JWT authentication for FastAPI APIs, protecting endpoints with token validation and user-specific access control. It's designed for securing REST APIs that require stateless authentication or role-based access. Use it when you need to add standardized JWT security to your FastAPI applications.
The content-security-scan skill automatically checks external markdown or text content from GitHub or the web against a 7-step security gate, returning a PASS/FAIL result. It's designed for developers to safely vet third-party content before integration, preventing risks like prompt injection or data exfiltration. Use it as a mandatory security checkpoint in workflows that fetch external code, documentation, or agent skills.
This skill provides JWT authentication for FastAPI APIs, securing endpoints with token validation and user-specific access control. It's ideal for implementing stateless authentication in microservices or adding role-based access to REST APIs. Use it when you need to protect API resources that require user authentication.
This skill provides a production-tested setup for Content Collections, a TypeScript-first tool that transforms Markdown/MDX files into type-safe data collections with Zod validation. Use it when building blogs, documentation sites, or content-heavy Vite + React applications to ensure type safety and automatic content validation. It covers everything from Vite plugin configuration and MDX compilation to deployment optimization and schema validation.
