langsmith-observability

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill instructs users to install the langsmith package via pip. This is a standard and expected operation for using the platform. The package is hosted on PyPI, a well-known registry. Per [TRUST-SCOPE-RULE], downloads from known repositories for their intended purpose are considered low risk.
  • [CREDENTIALS_UNSAFE] (SAFE): The skill correctly uses environment variable placeholders like "your-api-key" and "your-key" for API keys, which is a recommended security practice to avoid hardcoding sensitive secrets.
  • [DATA_EXFILTRATION] (SAFE): While the skill involves sending trace data to the LangSmith platform (smith.langchain.com), this is the primary and stated purpose of the skill. The documentation explicitly provides a 'Process inputs/outputs' section demonstrating how to sanitize sensitive data (like passwords) before it is sent to the tracing platform, showing a proactive approach to data privacy.
  • [COMMAND_EXECUTION] (SAFE): The shell commands provided (pip install, export) are standard installation and configuration steps. No arbitrary or hidden command execution patterns were detected.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill has a data ingestion surface as it processes LLM inputs and outputs for tracing. However, it is an observability tool and does not autonomously execute actions based on that data. Boundary markers are not applicable here as it is a monitoring integration, not a task-execution agent. The capability to 'pull_prompt' from the LangSmith Hub is a standard feature for prompt management.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:05 PM