Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/clerk-hello-world/Gen Agent Trust Hub

clerk-hello-world

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides standard integration code for Clerk, a well-known authentication provider.\n- [EXTERNAL_DOWNLOADS]: Mentions standard Node.js packages (@clerk/nextjs, @clerk/express) and references a prerequisite setup command (clerk-install-auth) required for the integration.\n- [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection by processing user profile data from the authentication provider.\n
  • Ingestion points: app/dashboard/page.tsx (user object) and app/api/hello/route.ts (auth context).\n
  • Boundary markers: None present in the code samples to delimit external data from instructions.\n
  • Capability inventory: The skill is allowed to use file system tools (Read, Write, Edit) and command execution (Bash).\n
  • Sanitization: No explicit sanitization or validation of user-provided profile fields is demonstrated, though standard React rendering provides default escaping.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 01:17 AM