clerk-core-workflow-b

Facilitates session management and middleware implementation using Clerk for user authentication and route protection.

Install this skill

83/100

Security score

The clerk-core-workflow-b skill was audited on May 12, 2026 and we found 9 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 203

Template literal with variable interpolation in command context

SourceSKILL.md

203	{ global: { headers: { Authorization: `Bearer ${supabaseToken}` } } }

low line 47

Webhook reference - potential data exfiltration

SourceSKILL.md

47	'/api/webhooks(.*)',

medium line 312

Webhook reference - potential data exfiltration

SourceSKILL.md

312	Proceed to `clerk-webhooks-events` for webhook and event handling.

low line 201

Access to .env file

SourceSKILL.md

201	process.env.NEXT_PUBLIC_SUPABASE_URL!,

low line 202

Access to .env file

SourceSKILL.md

202	process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,

low line 306

External URL reference

SourceSKILL.md

306	- [clerkMiddleware() Reference](https://clerk.com/docs/reference/nextjs/clerk-middleware)

low line 307

External URL reference

SourceSKILL.md

307	- [auth() Reference](https://clerk.com/docs/reference/nextjs/app-router/auth)

low line 308

External URL reference

SourceSKILL.md

308	- [Custom Session Tokens](https://clerk.com/docs/guides/sessions/customize-session-tokens)

low line 309

External URL reference

SourceSKILL.md

309	- [JWT Templates](https://clerk.com/docs/guides/sessions/jwt-templates)

Scanned on May 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 2.2K

Rate this skill

Categorydevelopment

UpdatedMay 20, 2026

claude claude-code codex frontend design supabase react excel docx api database backend backend-developer fullstack-developer product-manager development product

jeremylongshore/claude-code-plugins-plus-skills