Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

athola/authentication-patterns

Name: authentication-patterns
Author: athola

plugins/leyline/skills/authentication-patterns/SKILL.md

npx skillsauth add athola/claude-night-market authentication-patterns

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Overview
When to Use
Authentication Methods
Quick Start
Verify Authentication
Smoke Test
Standard Flow
Step 1: Check Environment
Step 2: Verify with Service
Step 3: Handle Failures
Integration Pattern
Detailed Resources
Exit Criteria

Authentication Patterns

Overview

Common authentication patterns for integrating with external services. Provides consistent approaches to credential management, verification, and error handling.

When To Use

Integrating with external APIs
Need credential verification
Managing multiple auth methods
Handling auth failures gracefully

When NOT To Use

Project doesn't use the leyline infrastructure patterns
Simple scripts without service architecture needs

Authentication Methods

| Method | Best For | Environment Variable | |--------|----------|---------------------| | API Key | Simple integrations | {SERVICE}_API_KEY | | OAuth | User-authenticated | Browser-based flow | | Token | Session-based | {SERVICE}_TOKEN | | None | Public APIs | N/A |

Quick Start

Verify Authentication

from leyline.auth import verify_auth, AuthMethod

# API Key verification
status = verify_auth(
    service="gemini",
    method=AuthMethod.API_KEY,
    env_var="GEMINI_API_KEY"
)

if not status.authenticated:
    print(f"Auth failed: {status.message}")
    print(f"Action: {status.suggested_action}")

Verification: Run the command with --help flag to verify availability.

Smoke Test

def verify_with_smoke_test(service: str) -> bool:
    """Verify auth with simple request."""
    result = execute_simple_request(service, "ping")
    return result.success

Verification: Run pytest -v to verify tests pass.

Standard Flow

Step 1: Check Environment

def check_credentials(service: str, env_var: str) -> bool:
    value = os.getenv(env_var)
    if not value:
        print(f"Missing {env_var}")
        return False
    return True

Verification: Run the command with --help flag to verify availability.

Step 2: Verify with Service

def verify_with_service(service: str) -> AuthStatus:
    result = subprocess.run(
        [service, "auth", "status"],
        capture_output=True
    )
    return AuthStatus(
        authenticated=(result.returncode == 0),
        message=result.stdout.decode()
    )

Verification: Run the command with --help flag to verify availability.

Step 3: Handle Failures

def handle_auth_failure(service: str, method: AuthMethod) -> str:
    actions = {
        AuthMethod.API_KEY: f"Set {service.upper()}_API_KEY environment variable",
        AuthMethod.OAUTH: f"Run '{service} auth login' for browser auth",
        AuthMethod.TOKEN: f"Refresh token with '{service} token refresh'"
    }
    return actions[method]

Verification: Run the command with --help flag to verify availability.

Integration Pattern

# In your skill's frontmatter
dependencies: [leyline:authentication-patterns]

Verification: Run the command with --help flag to verify availability.

Interactive Authentication (Shell)

For workflows requiring interactive authentication with token caching and session management:

# Source the interactive auth script
source plugins/leyline/scripts/interactive_auth.sh

# Ensure authentication before proceeding
ensure_auth github || exit 1
ensure_auth gitlab || exit 1
ensure_auth aws || exit 1

# Continue with authenticated operations
gh pr view 123
glab issue list
aws s3 ls

Features:

✅ Interactive OAuth flows for GitHub, GitLab, AWS, and more
✅ Token caching (5-minute TTL)
✅ Session persistence (24-hour TTL)
✅ CI/CD compatible (auto-detects non-interactive environments)
✅ Multi-service support

See modules/interactive-auth.md for complete documentation.

Detailed Resources

Auth Methods: See modules/auth-methods.md for method details
Verification: See modules/verification-patterns.md for testing patterns
Interactive: See modules/interactive-auth.md for shell-based auth flows

Exit Criteria

Credentials verified or clear failure message
Suggested action for auth failures
Smoke test confirms working auth

athola/authentication-patterns

plugins/leyline/skills/authentication-patterns/SKILL.md

Provides auth patterns for API keys, OAuth, and token management. Use when implementing or reviewing service authentication and credential handling.

304 stars

development

Updated Jun 8, 2026

$ install --global

skillsauth

npx skillsauth add athola/claude-night-market authentication-patterns

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Jun 9, 2026, 2:41 AM268.5s1 file scanned

SKILL.md

name:: authentication-patterns
description:: Provides auth patterns for API keys, OAuth, and token management. Use when implementing or reviewing service authentication and credential handling.
alwaysApply:: false
category:: infrastructure
complexity:: beginner
model_hint:: fast
estimated_tokens:: 400
progressive_loading:: true

Overview
When to Use
Authentication Methods
Quick Start
Verify Authentication
Smoke Test
Standard Flow
Step 1: Check Environment
Step 2: Verify with Service
Step 3: Handle Failures
Integration Pattern
Detailed Resources
Exit Criteria

Authentication Patterns

Overview

Common authentication patterns for integrating with external services. Provides consistent approaches to credential management, verification, and error handling.

When To Use

Integrating with external APIs
Need credential verification
Managing multiple auth methods
Handling auth failures gracefully

When NOT To Use

Project doesn't use the leyline infrastructure patterns
Simple scripts without service architecture needs

Authentication Methods

Quick Start

Verify Authentication

from leyline.auth import verify_auth, AuthMethod

# API Key verification
status = verify_auth(
    service="gemini",
    method=AuthMethod.API_KEY,
    env_var="GEMINI_API_KEY"
)

if not status.authenticated:
    print(f"Auth failed: {status.message}")
    print(f"Action: {status.suggested_action}")

Verification: Run the command with --help flag to verify availability.

Smoke Test

def verify_with_smoke_test(service: str) -> bool:
    """Verify auth with simple request."""
    result = execute_simple_request(service, "ping")
    return result.success

Verification: Run pytest -v to verify tests pass.

Standard Flow

Step 1: Check Environment

def check_credentials(service: str, env_var: str) -> bool:
    value = os.getenv(env_var)
    if not value:
        print(f"Missing {env_var}")
        return False
    return True

Verification: Run the command with --help flag to verify availability.

Step 2: Verify with Service

def verify_with_service(service: str) -> AuthStatus:
    result = subprocess.run(
        [service, "auth", "status"],
        capture_output=True
    )
    return AuthStatus(
        authenticated=(result.returncode == 0),
        message=result.stdout.decode()
    )

Verification: Run the command with --help flag to verify availability.

Step 3: Handle Failures

def handle_auth_failure(service: str, method: AuthMethod) -> str:
    actions = {
        AuthMethod.API_KEY: f"Set {service.upper()}_API_KEY environment variable",
        AuthMethod.OAUTH: f"Run '{service} auth login' for browser auth",
        AuthMethod.TOKEN: f"Refresh token with '{service} token refresh'"
    }
    return actions[method]

Verification: Run the command with --help flag to verify availability.

Integration Pattern

# In your skill's frontmatter
dependencies: [leyline:authentication-patterns]

Verification: Run the command with --help flag to verify availability.

Interactive Authentication (Shell)

For workflows requiring interactive authentication with token caching and session management:

# Source the interactive auth script
source plugins/leyline/scripts/interactive_auth.sh

# Ensure authentication before proceeding
ensure_auth github || exit 1
ensure_auth gitlab || exit 1
ensure_auth aws || exit 1

# Continue with authenticated operations
gh pr view 123
glab issue list
aws s3 ls

Features:

✅ Interactive OAuth flows for GitHub, GitLab, AWS, and more
✅ Token caching (5-minute TTL)
✅ Session persistence (24-hour TTL)
✅ CI/CD compatible (auto-detects non-interactive environments)
✅ Multi-service support

See modules/interactive-auth.md for complete documentation.

Detailed Resources

Auth Methods: See modules/auth-methods.md for method details
Verification: See modules/verification-patterns.md for testing patterns
Interactive: See modules/interactive-auth.md for shell-based auth flows

Exit Criteria

Credentials verified or clear failure message
Suggested action for auth failures
Smoke test confirms working auth

Related Skills

athola/ideate

research

VerifiedTrustedCommunity

Generate diverse solution candidates with category-spanning ideation methods and rotation. Use when stuck on a design or fighting repetitive LLM output.

304SKILL.mdUpdated Jun 8, 2026

athola/plugins/sanctum/skills/validate-pr

tools

VerifiedTrustedCommunity

--- name: validate-pr description: Use when you need a diff-derived test plan for a PR: reads the diff, groups changes by area, runs targeted verifications, and proves revert-tests are genuine guards, not dead assertions. alwaysApply: false category: validation tags: - pr - validation - test-plan - diff - revert-test - evidence tools: [] usage_patterns: - diff-derived-test-plan - revert-test-quality-check - evidence-capture complexity: intermediate model_hint: standard estimated_tokens: 650

304SKILL.mdUpdated Jun 8, 2026

athola/plugins/sanctum/skills/validate-pr

athola/decision-journal

development

VerifiedTrustedCommunity

Contract for the project decision journal (tradeoffs and lessons-learned logs). Use when recording a decision, tradeoff, or lesson, or building a consumer hook.

304SKILL.mdUpdated Jun 8, 2026

athola/decision-journal

athola/graduated-implementation

development

VerifiedTrustedCommunity

Ramps implementation ambition a notch only after the prior increment is understood. Use when building a feature you must understand, not just ship.

304SKILL.mdUpdated Jun 8, 2026

athola/graduated-implementation

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/athola/claude-night-market.git

# Copy into Claude Code skills folder (global)
cp -r claude-night-market/plugins/leyline/skills/authentication-patterns ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

athola/claude-night-market

304 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT

Adoption

athola/authentication-patterns

$ install --global

Security Scan Results

SKILL.md

Table of Contents

Authentication Patterns

Overview

When To Use

When NOT To Use

Authentication Methods

Quick Start

Verify Authentication

Smoke Test

Standard Flow

Step 1: Check Environment

Step 2: Verify with Service

Step 3: Handle Failures

Integration Pattern

Interactive Authentication (Shell)

Detailed Resources

Exit Criteria

Related Skills

athola/ideate

athola/plugins/sanctum/skills/validate-pr

athola/decision-journal

athola/graduated-implementation

athola/authentication-patterns

$ install --global

Security Scan Results

SKILL.md

Table of Contents

Authentication Patterns

Overview

When To Use

When NOT To Use

Authentication Methods

Quick Start

Verify Authentication

Smoke Test

Standard Flow

Step 1: Check Environment

Step 2: Verify with Service

Step 3: Handle Failures

Integration Pattern

Interactive Authentication (Shell)

Detailed Resources

Exit Criteria

Related Skills

athola/ideate

athola/plugins/sanctum/skills/validate-pr

athola/decision-journal

athola/graduated-implementation