studio-sdk
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill identifies an external endpoint (https://ingest.flowsterix.studio) for telemetry data, which is consistent with its stated purpose as an analytics SDK. It uses non-sensitive placeholders for API keys (e.g., 'sk_live_xxx').
- [Unverifiable Dependencies] (SAFE): While the skill references external packages like @flowsterix/studio and @flowsterix/core, it does not attempt to install or execute them; it provides documentation on their intended usage.
- [No Code] (SAFE): The skill consists entirely of documentation (Markdown) and TypeScript code snippets intended for reference by the developer. It does not contain any executable files, shell scripts, or automation that could be exploited.
Audit Metadata