python-micrometer-cardinality-control
Fail
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE]: The skill is strictly educational, containing Java code snippets and configuration patterns for the Micrometer library. There are no executable scripts, hidden commands, or malicious instructions included.
- [SAFE]: The security alert for 'supplier.id' is a false positive. In the context of the provided Java code, 'supplier.id' is a string literal used as a metric tag name (e.g.,
.tag("supplier.id", supplierId)). It is not utilized as a URL, domain, or network endpoint. - [EXTERNAL_DOWNLOADS]: The skill mentions standard, well-known dependencies such as 'spring-boot-starter-actuator' and 'micrometer-tracing-bridge-otel'. These are official libraries from the Spring and Micrometer ecosystems and are documented here as architectural requirements.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata