clerk-core-workflow-b

Facilitates session management and middleware implementation using Clerk for user authentication and route protection.

Install this skill

83/100

Security score

The clerk-core-workflow-b skill was audited on May 24, 2026 and we found 9 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 211

Template literal with variable interpolation in command context

SourceSKILL.md

211	{ global: { headers: { Authorization: `Bearer ${supabaseToken}` } } }

low line 50

Webhook reference - potential data exfiltration

SourceSKILL.md

50	'/api/webhooks(.*)',

medium line 327

Webhook reference - potential data exfiltration

SourceSKILL.md

327	Proceed to `clerk-webhooks-events` for webhook and event handling.

low line 209

Access to .env file

SourceSKILL.md

209	process.env.NEXT_PUBLIC_SUPABASE_URL!,

low line 210

Access to .env file

SourceSKILL.md

210	process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,

low line 320

External URL reference

SourceSKILL.md

320	- [clerkMiddleware() Reference](https://clerk.com/docs/reference/nextjs/clerk-middleware)

low line 321

External URL reference

SourceSKILL.md

321	- [auth() Reference](https://clerk.com/docs/reference/nextjs/app-router/auth)

low line 322

External URL reference

SourceSKILL.md

322	- [Custom Session Tokens](https://clerk.com/docs/guides/sessions/customize-session-tokens)

low line 323

External URL reference

SourceSKILL.md

323	- [JWT Templates](https://clerk.com/docs/guides/sessions/jwt-templates)

Scanned on May 24, 2026

View Security Dashboard

Installation guide →

GitHub Stars 2.2K

Rate this skill

Categorydevelopment

UpdatedJune 10, 2026

claude claude-code codex frontend design supabase react excel docx api database backend backend-developer fullstack-developer product-manager development product

jeremylongshore/claude-code-plugins-plus-skills