langfuse-extraction
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes LLM trace data (inputs and outputs) which represents an indirect prompt injection surface. This is a common characteristic of observability tools. \n * Ingestion points: Trace data is fetched from the Langfuse Cloud API in
scripts/extract_traces.pyandscripts/generate_audit_trail.py. \n * Boundary markers: None detected; trace content is processed without explicit delimiters or warnings. \n * Capability inventory: The skill uses theWritetool to save extracted data to local files (JSON, CSV, Parquet). \n * Sanitization: No sanitization or filtering of trace payloads is implemented before storage. - [SAFE]: The skill interacts exclusively with official Langfuse API endpoints (
cloud.langfuse.com) and utilizes well-known, versioned Python packages (langfuse,pandas). No unauthorized data exfiltration or malicious command execution patterns were found.
Audit Metadata