← Back to Skills

Jwt Decoder

🌐Community
by aidotnet Β· vlatest Β· Repository

Provides JWT guidance and assistance for implementing security and authentication.

Install on your platform

We auto-selected Claude Code based on this skill’s supported platforms.

1

Run in terminal (recommended)

terminal
claude mcp add jwt-decoder npx -- -y @trustedskills/jwt-decoder
2

Or manually add to ~/.claude/settings.json

~/.claude/settings.json
{
  "mcpServers": {
    "jwt-decoder": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/jwt-decoder"
      ]
    }
  }
}

Requires Claude Code (claude CLI). Run claude --version to verify your install.

About This Skill

What it does

The jwt-decoder skill allows an AI agent to decode JSON Web Tokens (JWTs). It extracts claims from a JWT, such as the subject, issuer, and expiration time. This is useful for verifying user authentication and authorization in systems that use JWTs.

When to use it

  • Authentication Verification: Determine if a provided JWT is valid and contains expected user information.
  • Authorization Checks: Extract roles or permissions from a JWT to control access to resources.
  • Token Inspection: Analyze the contents of a JWT for debugging or security auditing purposes.
  • Integration with APIs: Decode JWTs received from external APIs to process authenticated requests.

Key capabilities

  • Decodes JWT tokens.
  • Extracts claims from decoded JWTs.
  • Supports standard JWT claim types.

Example prompts

  • "Decode this JWT: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjMiLCJleHAiOjE2OTA3NzYwMDB9.q-Wj_7mU0xVnQvK8zH4rTfJgN1tP6QG5uC3yXhRkL0"
  • "What is the subject of this JWT: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjMiLCJleHAiOjE2OTA3NzYwMDB9.q-Wj_7mU0xVnQvK8zH4rTfJgN1tP6QG5uC3yXhRkL0"
  • β€œIs this JWT expired: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjMiLCJleHAiOjE2ODA3NzYwMDB9.q-Wj_7mU0xVnQvK8zH4rTfJgN1tP6QG5uC3yXhRkL0"

Tips & gotchas

  • Ensure the AI agent has access to the JWT string for decoding.
  • The skill's effectiveness depends on the validity of the JWT itself (signature verification, etc.). It does not perform signature validation.
View Repository β†’

Tags

πŸ›‘οΈ

TrustedSkills Verification

Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates β€” what you install today is exactly what was reviewed and verified.

Security Audits

Gen Agent Trust HubPass
SocketPass
SnykPass

Details

Version
vlatest
License
Author
aidotnet
Installs
4
Repository (canonical source) β†’

🌐 Community

Passed automated security scans.