How does this skill handle the Clerk 2025-11-10 API breaking changes?

It provides logic to update commerce endpoints to billing, transition payment_source to payment_method, and handle new null-value rules in API responses.

What is the recommended fix for '431 Request Header Fields Too Large' in Vite?

The skill provides a configuration for package.json to increase the Node max-http-header-size to 32768, accommodating larger Clerk dev tokens.

Does this skill support the latest Next.js versions?

Yes, it fully supports Next.js 15 and 16, specifically focusing on the requirement to await the auth() helper.

Can I test authentication without sending real SMS or emails?

Yes, it guides you through using test credentials and the fixed OTP 424242 for both manual and automated testing.

Clerk Auth & Security

Name: Clerk Auth & Security
Author: jezweb

byjezweb

•

Security & Testing

Implements and troubleshoots Clerk authentication using the latest API standards, async patterns, and advanced security hardening.

About

This skill provides specialized knowledge for integrating Clerk authentication, specifically addressing the 2025-11-10 API breaking changes and Next.js v6 asynchronous patterns. It guides users through complex configurations like JWT size optimization, PKCE for custom OAuth, and CSRF protection for serverless environments like Cloudflare Workers. By utilizing this skill, developers can avoid common pitfalls such as 431 header errors, session token leaks, and JWKS race conditions while implementing robust E2E testing workflows with Playwright.

Key Features

91 GitHub stars
Troubleshooting for common errors like 431 Header Too Large and Missing Secret Keys
Security hardening via authorizedParties CSRF prevention and PKCE support
JWT template optimization to stay within 1.2KB custom claim limits
Migration support for Clerk API 2025-11-10 and Next.js v6 async auth() patterns
Automated E2E testing integration using Playwright and fixed OTP credentials

Use Cases

Securing Cloudflare Workers and serverless functions with proper token verification
Upgrading legacy Clerk implementations to the latest 2025 breaking change standards
Setting up comprehensive authentication testing suites for Next.js 15+ applications

About

Key Features

91 GitHub stars
Troubleshooting for common errors like 431 Header Too Large and Missing Secret Keys
Security hardening via authorizedParties CSRF prevention and PKCE support
JWT template optimization to stay within 1.2KB custom claim limits
Migration support for Clerk API 2025-11-10 and Next.js v6 async auth() patterns
Automated E2E testing integration using Playwright and fixed OTP credentials

Use Cases

Securing Cloudflare Workers and serverless functions with proper token verification
Upgrading legacy Clerk implementations to the latest 2025 breaking change standards
Setting up comprehensive authentication testing suites for Next.js 15+ applications