langfuse-trace-list
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- Data Exposure & Exfiltration (LOW): The script makes network requests to the Langfuse API (defaulting to us.cloud.langfuse.com) which is not on the trusted whitelist. It transmits API credentials via Basic Authentication as intended for the service.
- Unverifiable Dependencies & Remote Code Execution (LOW): The skill uses
npx tsxfor execution, which may download thetsxpackage from the npm registry at runtime. - Indirect Prompt Injection (LOW): The skill ingests and displays trace data (e.g., names, user IDs) from an external API. This untrusted content is presented to the agent without sanitization, creating a potential injection surface. 1. Ingestion points: API response in scripts/langfuse-trace-list.ts. 2. Boundary markers: Absent. 3. Capability inventory: Console output processed by the agent. 4. Sanitization: Absent.
Audit Metadata