clerk-data-handling
Handle user data, privacy, and GDPR compliance with Clerk. Use when implementing data export, user deletion, or privacy compliance features. Trigger with phrases like "clerk user data", "clerk GDPR", "clerk privacy", "clerk data export", "clerk delete user".
80
77%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./plugins/saas-packs/clerk-pack/skills/clerk-data-handling/SKILL.mdQuality
Discovery
89%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a solid skill description that clearly identifies its niche (Clerk-specific GDPR/privacy compliance) with explicit trigger terms and a 'Use when' clause. The main weakness is that the 'what' portion could be more specific about concrete actions beyond the somewhat vague 'handle user data, privacy, and GDPR compliance.' The trigger terms and completeness are strong points.
Suggestions
Replace the vague 'Handle user data, privacy, and GDPR compliance' with more specific actions like 'Export user data for GDPR subject access requests, permanently delete user accounts and associated data, manage consent records and privacy settings.'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (user data, privacy, GDPR compliance with Clerk) and some actions (data export, user deletion, privacy compliance features), but doesn't list multiple concrete specific actions in detail—e.g., what exactly does 'handle' mean? It could be more granular about specific operations like anonymization, consent management, audit logs, etc. | 2 / 3 |
Completeness | Clearly answers both 'what' (handle user data, privacy, and GDPR compliance with Clerk) and 'when' (explicit 'Use when' clause for data export, user deletion, privacy compliance, plus explicit trigger phrases). Both dimensions are well-covered. | 3 / 3 |
Trigger Term Quality | Includes explicit natural trigger phrases like 'clerk user data', 'clerk GDPR', 'clerk privacy', 'clerk data export', 'clerk delete user'. These are terms users would naturally say when needing this functionality, and the coverage of variations is good. | 3 / 3 |
Distinctiveness Conflict Risk | The combination of 'Clerk' as a specific platform plus 'GDPR', 'privacy', and 'data export' creates a clear niche. The trigger terms are all prefixed with 'clerk', making it unlikely to conflict with generic privacy or data handling skills. | 3 / 3 |
Total | 11 / 12 Passed |
Implementation
64%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill provides highly actionable, executable TypeScript code covering a comprehensive GDPR/privacy compliance workflow with Clerk. Its main weaknesses are verbosity (the full inline code makes it quite long) and missing validation checkpoints for the destructive deletion workflow. The content would benefit from splitting detailed implementations into referenced files and adding explicit verification steps for the deletion cascade.
Suggestions
Add explicit validation/confirmation checkpoints to the deletion workflow (e.g., verify user exists before deletion, confirm all app data deleted before proceeding to Clerk deletion, verify Clerk deletion succeeded before logging).
Move the ConsentManager UI component, audit logging webhook handler, and bulk cleanup script into separate referenced files to reduce the main skill's length and improve progressive disclosure.
Remove the 'Output' section which merely restates what the code already demonstrates, and trim the 'Overview' to a single sentence.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is fairly long with extensive code blocks. Some sections like the ConsentManager UI component and the prerequisites section add bulk without being strictly necessary. The 'Overview' paragraph and 'Output' summary section restate what the code already shows. However, it avoids explaining basic concepts Claude would know. | 2 / 3 |
Actionability | All code examples are fully executable TypeScript with proper imports, types, and file paths. The examples cover the complete workflow from data export to deletion to consent management, with copy-paste ready route handlers and components. | 3 / 3 |
Workflow Clarity | Steps are clearly sequenced and the deletion cascade follows a logical order (app data → Clerk → audit log). However, for a destructive operation like user deletion, there are no explicit validation checkpoints or confirmation steps. The partial deletion error handling catches failures but lacks a retry/rollback mechanism, and there's no verification step after deletion completes. | 2 / 3 |
Progressive Disclosure | The content is essentially monolithic — all code is inline in a single file with no references to supporting bundle files for detailed implementations. The error handling table and resources section provide some structure, but the consent UI, audit logging, and cleanup script could be split into separate referenced files to keep the main skill leaner. | 2 / 3 |
Total | 9 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
3a2d27d
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.