clerk
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard implementation examples for Clerk authentication, adhering to secure development practices. It correctly emphasizes the use of middleware for centralized route protection and includes robust examples for server-side validation and role-based access control.
- [SAFE]: Environment variables for API keys use safe placeholders (`pk_test_...`, `sk_test_...`) and follow standard local secret management practices by recommending `.env.local`.
- [SAFE]: The webhook implementation includes a mandatory signature verification step using the `svix` library, which is a critical security measure to prevent spoofing attacks.
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install well-known, reputable packages including `@clerk/nextjs`, `@clerk/themes`, and `svix` from the official NPM registry.
Audit Metadata