Harness-engineering harness-auth

name: harness-auth version: "1.0.0" description: OAuth2, JWT, RBAC/ABAC, session management, and MFA patterns stability: static cognitive_mode: advisory-guide triggers:

• manual
• on_new_feature
• on_pr platforms:
• claude-code
• gemini-cli
• cursor
• codex tools:
• Bash
• Read
• Write
• Edit
• Glob
• Grep
• emit_interaction cli: command: harness skill run harness-auth args:
  • name: path description: Project root path required: false
  • name: focus description: "Auth area to focus on: authn, authz, session, mfa, or all. Defaults to all." required: false
  • name: framework description: "Auth framework in use: passport, next-auth, auth0, firebase-auth, or custom. Auto-detected when omitted." required: false mcp: tool: run_skill input: skill: harness-auth path: string type: rigid tier: 3 internal: false keywords:
• auth
• authentication
• authorization
• OAuth2
• JWT
• RBAC
• ABAC
• session
• MFA
• OIDC
• SSO
• SAML
• passport
• token
• refresh token
• PKCE stack_signals:
• "src//auth/"
• "src/**/middleware/auth*"
• "src/**/passport"
• "src/**/jwt"
• "src/**/session"
• "src//guards/"
• "src//policies/" phases:
• name: detect description: Identify authentication and authorization mechanisms, providers, and token flows required: true
• name: analyze description: Evaluate security posture, token lifecycle, permission models, and session handling required: true
• name: design description: Recommend improvements for auth flows, RBAC/ABAC models, and MFA integration required: true
• name: validate description: Verify auth implementation against OWASP guidelines and common vulnerability patterns required: true state: persistent: false files: [] depends_on: [] related_skills:
• owasp-auth-patterns
• owasp-csrf-protection
• next-auth-patterns