The shared API error handler now reports unexpected exceptions to Sentry before returning a generic internal server error response. Validation and auth-related cases still keep their existing client-facing behavior, but anything that falls through to the 500 path will now be captured for debugging and monitoring. The practical effect is better visibility into production backend failures with no change to the public API contract.