clerk-prod-checklist
Ensures production readiness for Clerk deployment with a comprehensive checklist covering configuration, security, and performance optimization.
Install this skill
Security score
The clerk-prod-checklist skill was audited on Feb 21, 2026 and we found 16 security issues across 3 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 34 | ```bash |
Webhook reference - potential data exfiltration
| 45 | CLERK_WEBHOOK_SECRET=whsec_... |
Webhook reference - potential data exfiltration
| 83 | '/api/webhooks(.*)', |
Webhook reference - potential data exfiltration
| 100 | ### 4. Webhooks Setup |
Webhook reference - potential data exfiltration
| 102 | - [ ] Configure production webhook endpoint |
Webhook reference - potential data exfiltration
| 103 | - [ ] Set webhook secret in environment |
Webhook reference - potential data exfiltration
| 113 | // Verify webhook endpoint is accessible |
Webhook reference - potential data exfiltration
| 114 | // POST https://yourdomain.com/api/webhooks/clerk |
Webhook reference - potential data exfiltration
| 185 | - [ ] Webhook handling tests |
Webhook reference - potential data exfiltration
| 202 | - [ ] Document webhook event handling |
Webhook reference - potential data exfiltration
| 231 | if [[ -z "$CLERK_WEBHOOK_SECRET" ]]; then |
Webhook reference - potential data exfiltration
| 232 | echo "WARNING: CLERK_WEBHOOK_SECRET not set" |
External URL reference
| 114 | // POST https://yourdomain.com/api/webhooks/clerk |
External URL reference
| 250 | - [Clerk Production Checklist](https://clerk.com/docs/deployments/overview) |
External URL reference
| 251 | - [Security Best Practices](https://clerk.com/docs/security/overview) |
External URL reference
| 252 | - [Performance Guide](https://clerk.com/docs/quickstarts/nextjs) |