clerk-webhooks-events

The skill presents a coherent, benign Webhook handling workflow for Clerk events with appropriate verification, idempotency, and data handling steps. Security risks are modest and aligned with normal developer tooling usage (npm packages, environment secrets, Redis for idempotency). No unverifiable binaries or credential harvesting patterns are detected. However, there are data flow considerations around PII (emails, names, images) that warrant proper minimization, encryption, and retention policies. Overall, the skill is BENIGN with some MEDIUM-level security considerations related to data handling and external dependencies.