← 返回 Skills 市场
85
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install auth0-quickstart
功能描述
Use when adding authentication or login to any app - detects your stack (React, Next.js, Vue, Nuxt, Angular, Express, Fastify, React Native), sets up an Auth...
使用说明 (SKILL.md)
Auth0 Quickstart
Detect your framework and get started with Auth0 authentication.
Step 1: Detect Your Framework
Run this command to identify your framework:
# Check package.json dependencies
cat package.json | grep -E "react|next|vue|nuxt|angular|express|fastify|@nestjs"
# Or check project files
ls -la | grep -E "angular.json|vue.config.js|next.config"
Framework Detection Table:
| Framework | Detection | Skill to Use |
|---|---|---|
| React (Vite/CRA) | "react" in package.json, no Next.js |
auth0-react |
| Next.js | "next" in package.json |
auth0-nextjs |
| Vue.js | "vue" in package.json, no Nuxt |
auth0-vue |
| Nuxt | "nuxt" in package.json |
auth0-nuxt |
| Angular | angular.json exists or "@angular/core" |
auth0-angular |
| Express.js | "express" in package.json |
auth0-express |
| Fastify (web app) | "fastify" in package.json, has @fastify/view |
auth0-fastify |
| Fastify (API) | "fastify" in package.json, no view engine |
auth0-fastify-api |
| React Native | "react-native" or "expo" in package.json |
auth0-react-native |
Don't see your framework? See Tier 2 Frameworks below.
Step 2: Auth0 Account Setup
Install Auth0 CLI
macOS/Linux:
brew install auth0/auth0-cli/auth0
Windows:
scoop install auth0
# Or: choco install auth0-cli
Full installation guide: See CLI Reference
Login to Auth0
auth0 login
This opens your browser to authenticate with Auth0.
Step 3: Create Auth0 Application
Choose application type based on your framework:
Single Page Applications (React, Vue, Angular):
auth0 apps create --name "My App" --type spa \
--callbacks "http://localhost:3000" \
--logout-urls "http://localhost:3000" \
--metadata "created_by=agent_skills"
Regular Web Apps (Next.js, Nuxt, Express, Fastify):
auth0 apps create --name "My App" --type regular \
--callbacks "http://localhost:3000/api/auth/callback" \
--logout-urls "http://localhost:3000" \
--metadata "created_by=agent_skills"
Native Apps (React Native):
auth0 apps create --name "My App" --type native \
--callbacks "myapp://callback" \
--logout-urls "myapp://logout" \
--metadata "created_by=agent_skills"
Get your credentials:
auth0 apps list # Find your app
auth0 apps show \x3Capp-id> # Get client ID and secret
More CLI commands: See CLI Reference
Step 4: Use Framework-Specific Skill
Based on your framework detection, use the appropriate skill:
Tier 1 Frameworks (Dedicated Skills)
Frontend:
auth0-react- React SPAs (Vite, Create React App)auth0-nextjs- Next.js (App Router and Pages Router)auth0-vue- Vue.js 3 applicationsauth0-nuxt- Nuxt 3/4 applicationsauth0-angular- Angular 12+ applications
Backend:
auth0-express- Express.js web applicationsauth0-fastify- Fastify web applicationsauth0-fastify-api- Fastify API authentication
Mobile:
auth0-react-native- React Native and Expo (iOS/Android)
Tier 2 Frameworks (Use Auth0 Docs)
Not yet available as separate skills. Use Auth0 documentation:
Frontend:
Backend:
- Flask (Python)
- FastAPI (Python)
- Django (Python)
- Rails (Ruby)
- Laravel (PHP)
- Go
- ASP.NET Core
- Spring Boot
Mobile:
Migration from Other Providers
Migrating from another auth provider? Use the auth0-migration skill.
The migration skill covers:
- User export from Firebase, Cognito, Supabase, Clerk, etc.
- Bulk import to Auth0
- Code migration patterns (before/after examples)
- JWT validation updates
- Gradual migration strategies
Reference Documentation
Environment Variables
Framework-specific environment variable setup:
Auth0 Concepts
Core concepts and troubleshooting:
CLI Commands
Complete Auth0 CLI reference:
Common Mistakes
| Mistake | Fix |
|---|---|
| Wrong application type | SPAs need "Single Page Application", server apps need "Regular Web Application", mobile needs "Native" |
| Callback URL not configured | Add your app's callback URL to Allowed Callback URLs in Auth0 Dashboard |
| Using wrong credentials | Client Secret only needed for Regular Web Apps, not SPAs |
| Hardcoding credentials in code | Always use environment variables, never commit secrets to git |
| Not testing locally first | Set up localhost URLs in Auth0 before deploying to production |
| Mixing application types | Don't use SPA SDK for server-side apps or vice versa |
Related Skills
Core Integration
auth0-migration- Migrate from other auth providers
SDK Skills
auth0-react- React SPA integrationauth0-nextjs- Next.js integrationauth0-vue- Vue.js integrationauth0-nuxt- Nuxt 3/4 integrationauth0-angular- Angular integrationauth0-express- Express.js integrationauth0-fastify- Fastify web app integrationauth0-fastify-api- Fastify API integrationauth0-react-native- React Native/Expo integration
Advanced Features
auth0-mfa- Multi-Factor Authentication
References
安全使用建议
This skill appears coherent with its stated purpose, but review these practical precautions before using it:
- The skill runs locally and reads files like package.json to detect your framework — run it in the intended project directory (not your home directory) to avoid accidental disclosure of unrelated files.
- The auth0 CLI (which you must install) requires you to log in to an Auth0 tenant; that login grants the CLI management access to create/list/delete apps and view client secrets. Use a non-production/test tenant or limit admin access while evaluating.
- Prefer the Homebrew install (declared install) over the curl | sh installer shown in docs; piping remote scripts to sh is risky.
- When the skill creates apps, it may print or expose client IDs and client secrets. Keep those secrets out of version control and follow the referenced guidance (add .env to .gitignore, rotate secrets, etc.).
- Although no static-scan findings were present (the skill is instruction-only), that is not a guarantee of safety — the real risk is what you allow the auth0 CLI to do in your tenant. If unsure, test in an isolated environment and review Auth0 audit logs after operations.
功能分析
Type: OpenClaw Skill
Name: auth0-quickstart
Version: 1.0.0
The skill bundle is a legitimate quickstart guide for integrating Auth0 authentication into various application stacks. It provides standard framework detection commands, installation instructions for the official Auth0 CLI (via Homebrew, Scoop, or the official install script), and documentation on security best practices. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found; the instructions are consistent with the stated purpose of setting up authentication.
能力标签
能力评估
Purpose & Capability
Name/description match the observed behavior: the skill detects framework files (package.json, config files) and uses the Auth0 CLI to create applications and obtain credentials. Requiring the auth0 CLI is appropriate for this functionality.
Instruction Scope
Runtime instructions tell the agent to read package.json and list project files (for framework detection) and to run auth0 CLI commands that create/list/show apps (which will reveal client IDs/secrets). Reading project files in the current working directory is reasonable for framework detection, but be aware the agent will access local project files and use the CLI to obtain potentially sensitive credentials (client secret) from your Auth0 tenant.
Install Mechanism
Declared install uses a Homebrew formula (auth0/auth0-cli/auth0) which is an expected, low-risk distribution method. However, the included reference docs also show an alternative 'curl https://raw.githubusercontent.com/... | sh' installer; piping remote scripts to sh is higher risk — prefer the brew installation and official release channels.
Credentials
The skill does not request environment variables or other credentials in its metadata, which matches the quickstart's flow (the auth0 CLI handles authentication via browser). Still, using the CLI requires you to log into an Auth0 tenant and grants the CLI permission to manage resources in that tenant — ensure you understand and limit tenant-level privileges before using the CLI in a production tenant.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent system presence or modify other skills. Autonomous invocation is allowed (platform default) but not combined with other high-risk indicators here.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install auth0-quickstart - 安装完成后,直接呼叫该 Skill 的名称或使用
/auth0-quickstart触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of auth0-quickstart.
- Detects project framework (React, Next.js, Vue, etc.) and routes to the correct Auth0 SDK setup workflow.
- Guides in setting up an Auth0 account and application using the Auth0 CLI.
- Provides step-by-step instructions for integrating authentication based on your stack.
- Includes quick reference tables, common troubleshooting tips, and related Auth0 integration skills.
- Links to additional documentation for unsupported frameworks and advanced features.
元数据
常见问题
Auth0 Quickstart 是什么?
Use when adding authentication or login to any app - detects your stack (React, Next.js, Vue, Nuxt, Angular, Express, Fastify, React Native), sets up an Auth... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 85 次。
如何安装 Auth0 Quickstart?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install auth0-quickstart」即可一键安装,无需额外配置。
Auth0 Quickstart 是免费的吗?
是的,Auth0 Quickstart 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Auth0 Quickstart 支持哪些平台?
Auth0 Quickstart 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(darwin, linux)。
谁开发了 Auth0 Quickstart?
由 Auth0(@auth0)开发并维护,当前版本 v1.0.0。
推荐 Skills