langsmith
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: Fetches and executes an installation script for the LangSmith CLI from the official LangChain repository.
- [COMMAND_EXECUTION]: Modifies shell profile files (
~/.bashrcand~/.zshrc) to persist required environment variables across sessions. - [EXTERNAL_DOWNLOADS]: Installs the LangSmith SDK and related dependencies (
openai,openevals) from official package registries. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing external trace and feedback data.
- Ingestion points: Reads and displays application traces and user feedback from the LangSmith platform (
SKILL.md,scripts/quickstart.py). - Boundary markers: No explicit boundary markers or instructions to ignore embedded content are defined in the scripts for handling trace data.
- Capability inventory: The skill uses the
BashandWebFetchtools for system and network operations. - Sanitization: Data handling relies on the standard implementation of the LangSmith SDK.
Recommendations
- INFO: Downloads code from trusted source(s): https://raw.githubusercontent.com/langchain-ai/langsmith-cli/main/scripts/install.sh
Audit Metadata