clerk-observability

The skill appears to be a coherent observability/monitoring wrapper around Clerk authentication with legitimate components (logging, middleware timing, analytics, webhooks, Sentry, health checks). Data flows to Datadog and Sentry are expected for observability but introduce data-exfiltration/privacy considerations due to inclusion of userId/sessionId in logs. No unverifiable binaries or credential-harvesting patterns are detected. The footprint is proportionate to the stated purpose, though you should enforce data minimization, access controls, and explicit privacy guidelines. Treat as BENIGN with MEDIUM risk due to credential exposure potential and external data flows; monitor for proper secret management and compliance.