posthog-analytics
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill demonstrates a surface for indirect prompt injection by ingesting data from an external analytics platform.
  1. Ingestion points: Data enters the agent context via PostHog MCP tools such as query-run, event-definitions-list, properties-list, and insights-get-all.
  2. Boundary markers: Absent; the instructions do not specify any delimiters or safety headers to separate external data from the prompt context.
  3. Capability inventory: The skill has the ability to run PostHog queries, create insights, dashboards, and experiments, and write persistent data to the local file .claude/product-context.md.
  4. Sanitization: Absent; the skill does not suggest any escaping or validation of the data retrieved from PostHog before it is processed by the agent.
Audit Metadata