Feature request: opt-in to emit real plugin/skill names for trusted (self-hosted) marketplaces in OpenTelemetry
Summary
When skills/plugins come from a private, self-hosted marketplace, Claude Code redacts their identity in telemetry — plugin.name and skill.name are both replaced with the literal string "third-party" and marketplace.name is omitted. This is documented and intentional, but it makes it impossible for an organization that owns its private marketplace to measure adoption of its own internal skills: every internal skill collapses into a single undifferentiated third-party bucket.
We'd like an opt-in mechanism to allowlist marketplaces we control so their real plugin/skill names are emitted.
Current behavior
Per the monitoring docs, on claude_code.token.usage:
skill.name— built-in, bundled, user-defined, and official-marketplace skill names appear verbatim; third-party plugin skill names are replaced with"third-party".plugin.name— official-marketplace plugin names appear verbatim; third-party plugin names are replaced with"third-party".marketplace.name— only emitted for official-marketplace plugins.
Observed in our New Relic OTel export: skills installed from our self-hosted GitHub marketplace all report plugin.name="third-party", skill.name="third-party", marketplace.name=null. The only internal skills whose names appear are ones a few devs had installed as local (user-defined) skills during development — and those names disappear as soon as the skill is moved into the marketplace and installed the supported way. So there is no path to per-skill adoption metrics for marketplace-distributed internal skills.
Why the current redaction exists (and why we're not asking to remove it)
We understand the redaction protects users from leaking skill/plugin names from marketplaces they don't control or trust. We are not asking to drop it globally. We're asking for an opt-in for marketplaces the operator explicitly trusts — typically their own.
Proposed solution
An opt-in allowlist so a team can declare marketplaces it trusts, after which real plugin.name / skill.name / marketplace.name are emitted for those (and only those). For example:
- An env var, e.g.
OTEL_TELEMETRY_TRUSTED_MARKETPLACES="my-org/my-marketplace"(comma-separated marketplace identifiers), or - An equivalent
settings.jsonkey (e.g. under a telemetry section), so it can be managed via managed/enterprise policy.
Default remains the current redaction; names are only emitted for marketplaces explicitly listed. Managed-policy support matters so an org can set this centrally rather than per-developer.
Use case
We run a private internal marketplace of skills shared across teams. We export Claude Code OTel metrics to New Relic to understand which internal skills get traction and which to retire. Today that analysis is impossible because all internal skills are anonymized into one bucket.
Alternatives considered
- Installing skills as local/user-defined skills to keep their names — defeats the purpose of a shared marketplace (no central distribution/updates) and isn't viable at scale.
- Inferring usage from token volume / session counts — only yields an aggregate
third-partytotal, not per-skill.
References
- Docs: https://code.claude.com/docs/en/monitoring-usage.md
- Related: #35319 (skill invocation tracking and usage analytics) — same underlying goal of measuring per-skill usage; this request addresses the specific case where private-marketplace skill names are redacted from OTel telemetry.