posthog-enterprise-rbac
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill represents an attack surface for indirect prompt injection.
- Ingestion points: Configuration data for SSO and role mappings, supplied by users or external sources, is ingested during the setup process.
- Boundary markers: No delimiters or specific instructions are present to isolate untrusted configuration data from the agent's core instructions.
- Capability inventory: The skill's authorization to use the 'Write' and 'Edit' tools lets the agent modify configuration files, which could be abused if malicious input reaches the setup process.
- Sanitization: The boilerplate code contains no sanitization or validation logic for potentially malicious configuration inputs.
- [SAFE]: The skill adheres to security best practices by using environment variables for sensitive credentials such as 'SAML_CERT' and 'POSTHOG_OAUTH_CLIENT_SECRET' instead of hardcoding them.
Audit Metadata