posthog-common-errors
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs connectivity checks against well-known PostHog endpoints (status.posthog.com and api.posthog.com) using curl. These are legitimate diagnostic actions directed at the official service vendor.
- [SAFE]: Local environment checks (env | grep POSTHOG, echo $POSTHOG_API_KEY) are used to verify configuration as part of the primary debugging purpose. No evidence of data exfiltration to external or untrusted domains was found.
- [SAFE]: The skill's instructions for troubleshooting logs create a minor indirect prompt injection surface, but it lacks any high-privilege capabilities that would make such a surface exploitable. Ingestion points: User-provided error logs. Boundary markers: Absent. Capability inventory: Read, Grep, Bash. Sanitization: Absent.
Audit Metadata