clerk-upgrade-migration

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is to assist developers in migrating Clerk SDK versions. All identified commands and scripts are consistent with this purpose.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands for package management (npm) and codebase refactoring (find, grep, sed). A migration script provided in SKILL.md uses sed to automate the addition of 'await' to auth() calls and update import paths. These operations are standard for a migration tool.
  • [DYNAMIC_CONTEXT_INJECTION]: The skill uses dynamic context injection (the '!' syntax) in SKILL.md to execute npm list and display currently installed Clerk packages. This command is benign and provides useful context for the migration task.
  • [EXTERNAL_DOWNLOADS]: The skill references official Clerk documentation and GitHub releases via npx open-cli. These external resources are hosted on trusted and well-known domains (clerk.com and github.com).
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 12:50 AM
Security Audit — agent-trust-hub — clerk-upgrade-migration