clerk

SUSPICIOUS: The skill's general purpose is coherent, and the CLI install path appears vendor-consistent via npm. However, it routes Clerk authentication and data through Membrane as a third-party intermediary and allows dynamically generated remote actions, creating medium security risk and trust-expansion beyond a direct Clerk integration.