Skills
skills/neuradex/langfuse-skills/langfuse-model-list/Gen Agent Trust Hub

langfuse-model-list

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill uses npx tsx to execute its internal TypeScript script. This is a standard and expected execution method for Node.js-based agent tools.
  • [EXTERNAL_DOWNLOADS] (INFO): The command npx tsx may download the tsx package from the official npm registry if it is not present in the environment. This is a standard development dependency and does not originate from an untrusted source.
  • [CREDENTIALS_UNSAFE] (SAFE): API keys (LANGFUSE_PUBLIC_KEY and LANGFUSE_SECRET_KEY) are managed through environment variables. This prevents credential exposure in the source code.
  • [DATA_EXFILTRATION] (SAFE): Network activity is limited to retrieving model data from the Langfuse host (default: us.cloud.langfuse.com). No evidence of sensitive data being sent to unauthorized destinations was found.
  • [PROMPT_INJECTION] (SAFE): No instructions designed to override agent behavior or bypass safety constraints are present in the skill metadata or script code.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 16, 2026, 07:23 AM