prometheus_client
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the well-known and official 'prometheus-client' library for observability, which is a standard industry practice.
- [SAFE]: The instructions recommend exposing metrics on a dedicated port (9090), which is a security best practice to isolate monitoring traffic from business API traffic.
- [SAFE]: The documentation specifically warns against using high-cardinality labels such as 'session_id', which helps prevent the accidental exposure of sensitive user identifiers or system resource exhaustion.
- [SAFE]: No malicious patterns, obfuscation, or unauthorized command execution were detected in the code or instructions.
Audit Metadata