Skills
skills/langfuse/skills/langfuse/Gen Agent Trust Hub

langfuse

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches documentation and integration guides from the official vendor website langfuse.com using curl and WebFetch. These operations provide up-to-date information on platform features.
  • [REMOTE_CODE_EXECUTION]: The skill uses npx and bunx to execute the langfuse-cli package. This is the official command-line tool provided by Langfuse for programmatic data access. As the skill is authored by the vendor and uses their official package, this is considered standard functionality.
  • [COMMAND_EXECUTION]: The skill uses the gh CLI to submit user feedback to the langfuse/skills repository via GitHub Discussions. It also uses npx langfuse-cli to interact with the Langfuse REST API. These actions are intended for legitimate skill functionality such as feedback submission and metadata discovery.
  • [CREDENTIALS_UNSAFE]: The skill handles sensitive API keys but explicitly instructs the user to manage them safely using environment variables or .env files rather than pasting them into the chat. It also correctly recommends using the public key for frontend feedback collection to prevent secret key exposure.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 02:36 PM