langfuse-prompt-upsert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION] (LOW): The script reads local files or stdin and sends the content to the Langfuse API. While this is the intended purpose for managing prompts, the lack of file path validation means a compromised or misdirected agent could be tricked into uploading sensitive local files (e.g., ~/.aws/credentials) to the external platform.
- [PROMPT_INJECTION] (LOW): The skill facilitates Indirect Prompt Injection (Category 8) by processing untrusted input without sanitization.
  - Ingestion points: `scripts/langfuse-prompt-upsert.ts` reads data from `process.stdin` or a user-provided file path.
  - Boundary markers: None; the script transmits the entire input as the prompt body to the API.
  - Capability inventory: Network POST via `fetch` to `us.cloud.langfuse.com`.
  - Sanitization: No content validation, escaping, or schema enforcement is performed on the ingested data.
Audit Metadata