arize-trace
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the 'arize-ax-cli' package from PyPI. This is a trusted resource owned by the vendor Arize-ai.
- [COMMAND_EXECUTION]: The skill executes the 'ax' CLI tool to perform data exports and verify environment setup. This is consistent with the skill's stated purpose.
- [CREDENTIALS_UNSAFE]: The skill accesses the 'ARIZE_API_KEY' via environment variables and offers to save it to '~/.arize/config.toml'. Users should be aware that these credentials grant access to their Arize data.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection, as it downloads and reads trace data (spans, inputs, outputs) which are attacker-controllable if the project contains traces from untrusted users.
  - Ingestion points: JSON files downloaded to '.arize-tmp-traces' via export commands in SKILL.md.
  - Boundary markers: The skill does not define specific delimiters or instructions to ignore commands within the downloaded data.
  - Capability inventory: Subprocess execution of the 'ax' CLI and local file system access.
  - Sanitization: There is no explicit sanitization of the external trace data before it is processed by the agent.
Audit Metadata