api-auth-clerk

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a high-quality developer guide for using Clerk authentication. It proactively includes security warnings regarding common pitfalls, such as the potential for middleware bypass (CVE-2025-29927) and the exposure of sensitive server-side metadata (privateMetadata) to client components.
  • [SAFE]: Instructions correctly advise against hardcoding API keys, recommending the use of environment variables instead. It also mandates the use of Clerk's verifyWebhook utility to prevent spoofing of webhook events.
  • [SAFE]: All referenced packages (@clerk/nextjs, @clerk/themes, etc.) and URLs point to official and well-known services related to the skill's primary purpose. No malicious code, obfuscation, or unauthorized data exfiltration patterns were detected.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 01:31 AM