This handles the full authentication state lifecycle: JWT generation and validation, token refresh flows, Redis-backed session storage, CSRF protection, and proper logout cleanup. You get working examples in both Python/Flask and Node.js/Express, plus middleware chains that validate tokens on every request. The skill covers the security fundamentals you actually need: httpOnly cookies, proper token expiration, strong secrets, and session timeout handling. It's opinionated about not using localStorage for tokens and always running over HTTPS, which is the right call. Good for building login systems from scratch or fixing security gaps in existing auth flows.
npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill session-management