Skills
AGENT LAB: SKILLS
skills/composiohq/awesome-claude-skills/posthog-automation/Gen Agent Trust Hub

posthog-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill defines workflows that ingest data from PostHog, creating an attack surface for indirect instructions.\n
  • Ingestion points: POSTHOG_LIST_AND_FILTER_PROJECT_EVENTS and POSTHOG_LIST_AND_MANAGE_PROJECT_FEATURE_FLAGS (SKILL.md).\n
  • Boundary markers: Absent; no instructions provided to treat retrieved data as untrusted or to use delimiters.\n
  • Capability inventory: The agent can capture events and create feature flags, which could be misused if influenced by malicious data.\n
  • Sanitization: No sanitization logic or validation is specified for the external data.\n- External Downloads (LOW): The skill setup requires the use of an external MCP server at https://rube.app/mcp, which is an unverified external dependency.\n- No Code (SAFE): The skill contains no executable scripts or local code files, reducing the risk of direct execution attacks.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:05 PM