agent-telemetry

Warn

Audited by Socket on Feb 21, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] [Documentation context] Credential file access detected

This is a legitimate, benign documentation skill that guides adding structured logging and exposing logs to AI agents. It aligns with its stated purpose and contains no malicious code or supply-chain download/execute patterns. The main security risks are operational: accidental exposure of sensitive data via logs and insufficient access controls for dev endpoints or log files. Implementers should ensure dev-only endpoints are access-controlled, sanitize/redact sensitive fields before logging, configure file permissions and rotation, and avoid enabling such endpoints in production.

LLM verification: [LLM Escalated] This skill is a legitimate observability/telemetry guidance document and not malware. However, it includes practical, copy-pasteable instructions that, if implemented without stronger guardrails, create a moderate risk of accidental credential or PII exposure (scanning .env/config, dev log endpoints, unredacted logs). Fixes should include explicit authentication and network restrictions for any dev endpoints, concrete redaction/field-blacklist examples, retention and access controls for log file

Confidence: 85%
Severity: 75%

Audit Metadata

Analyzed At: Feb 21, 2026, 02:08 PM
Package URL: pkg:socket/skills-sh/petekp%2Fclaude-code-setup%2Fagent-telemetry%2F@ff32b3d195d3b77cf9ad1d31c0ac2be2d2edd36c