The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (SAFE): The skill references standard industry-standard libraries for OpenTelemetry in both Python and Node.js. These are widely used observability packages.
[DATA_EXFILTRATION] (SAFE): Network operations shown (sending traces to 'jaeger:14268' and requests to 'downstream/api') are standard placeholders for local microservices architecture and do not point to malicious external domains.
[COMMAND_EXECUTION] (SAFE): No arbitrary command execution or shell spawning detected. The scripts are limited to library initialization and instrumentation.
[MALICIOUS_URL_ALERT] (SAFE): The scanner flagged 'logger.info' as a malicious URL. Technical analysis confirms this is a false positive; 'logger.info' is a standard Python logging method call, not a web address.
[INDIRECT_PROMPT_INJECTION] (LOW): While the skill demonstrates context propagation via HTTP headers, which is a potential surface for injection, the provided code is a static template and does not perform unsafe interpolation into LLM prompts. Mandatory evidence: 1. Ingestion: HTTP headers in 'Context Propagation'. 2. Boundaries: None. 3. Capabilities: None (templates only). 4. Sanitization: Standard OTel propagation.

distributed-tracing