phoenix-observability

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a documentation and integration guide for Arize Phoenix, a well-known open-source observability platform. All external dependencies (arize-phoenix, opentelemetry, etc.) are standard, versioned packages from official registries.
  • [DATA_EXFILTRATION]: No unauthorized data transmission was detected. The network operations described are limited to local telemetry collection (localhost:6006) or connections to a user-provided PostgreSQL database. The skill explicitly instructs users to manage sensitive credentials like PHOENIX_SQL_DATABASE_URL and PHOENIX_SECRET through environment variables, which is a recommended security practice.
  • [COMMAND_EXECUTION]: Shell commands provided are for standard package installation (pip install), server management (phoenix serve), and container deployment (docker run). There is no evidence of arbitrary or hidden command execution.
  • [PROMPT_INJECTION]: The skill does not contain instructions that attempt to override agent safety filters or bypass system prompts. The provided prompt templates are for evaluation purposes (e.g., assessing helpfulness or accuracy) and are clearly delimited.
  • [DYNAMIC_EXECUTION]: While the skill demonstrates how to instrument code and run evaluations, it does not employ unsafe dynamic execution patterns like eval() on untrusted input or hidden script generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 06:06 PM