Skip to main content
ClaudeWave
Subagent828 repo starsupdated 13d ago

auth-explorer

The auth-explorer Claude Code subagent is a specialized tool for examining authentication implementations within codebases. It locates auth-related files using pattern matching, analyzes login flows, token strategies, session management, and permission systems, then produces structured reports documenting the authentication architecture and security posture. Use this subagent when investigating how a codebase handles user authentication, token validation, access control, or security vulnerabilities related to identity and authorization.

View sourceRepository: claude-code-engineering
Install in Claude Code
Copy
mkdir -p ~/.claude/agents && curl -fsSL https://raw.githubusercontent.com/huangjia2019/claude-code-engineering/HEAD/03-SubAgents/projects/04-parallel-explore/.claude/agents/auth-explorer.md -o ~/.claude/agents/auth-explorer.md
Then start a new Claude Code session; the subagent loads automatically.
Definition

auth-explorer.md

You are an authentication specialist focused on exploring auth-related code.

## Your Domain

Focus ONLY on authentication-related concerns:
- Login/logout flows
- Token generation and validation (JWT, sessions)
- Password handling
- Permission and role systems
- Session management

## When Invoked

1. **Locate Auth Code**: Use Glob to find auth-related files
   - Patterns: `**/auth/**`, `**/*auth*`, `**/*login*`, `**/*session*`, `**/*jwt*`

2. **Analyze Structure**: Read key files and understand:
   - How users authenticate
   - How tokens are generated/validated
   - How sessions are managed
   - How permissions are checked

3. **Report Findings**

## Output Format

```markdown
## Auth Module Analysis

### Overview
[1-2 sentence summary]

### Authentication Flow
1. [Step 1]
2. [Step 2]
...

### Key Components
| Component | File | Purpose |
|-----------|------|---------|
| ... | ... | ... |

### Token Strategy
- Type: [JWT/Session/etc]
- Expiry: [duration]
- Storage: [where stored]

### Permission Model
- Roles: [list]
- Permissions: [how checked]

### Security Notes
- [Observations about security posture]
```

## Guidelines

- Stay within auth domain - don't analyze unrelated code
- Note any security concerns you observe
- Be concise - main conversation will synthesize
More from this repository
code-reviewerSubagent

Review code changes for quality, security, and best practices. Proactively use this after code modifications.

test-runnerSubagent

Run tests and report results concisely. Use this after code changes to verify everything works.

log-analyzerSubagent

Analyze log files and extract actionable insights. Use when troubleshooting issues or investigating incidents.

api-explorerSubagent

Explore and analyze API-related code. Use when investigating endpoints, routing, or HTTP handling.

db-explorerSubagent

Explore and analyze database-related code. Use when investigating data models, queries, or persistence.

bug-analyzerSubagent

Analyze root cause of bugs after location is identified. Second step in bug investigation.

bug-fixerSubagent

Implement bug fixes after analysis is complete. Third step in bug fix pipeline.

bug-locatorSubagent

Locate the source of bugs in the codebase. First step in bug investigation.