langsmith-trace
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection Surface]: The skill processes data from LangSmith traces, which can contain content from external interactions.
- Ingestion points: Trace and run data are retrieved from the LangSmith API in
scripts/query_traces.pyandscripts/query_traces.ts. - Boundary markers: The output is displayed or exported as structured JSON/JSONL without specific delimiters to isolate potentially untrusted content within the trace metadata.
- Capability inventory: The skill possesses file-write capabilities for exporting data and can print full trace content to the terminal.
- Sanitization: Content is retrieved and displayed directly from the API; it is recommended to treat this data as untrusted if it serves as input for downstream automated agents.
Audit Metadata