check-posthog
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Command Execution] (SAFE): The skill runs a local environment detection script and utilizes standard tools like
grepandfind. These operations are used for auditing the local project structure and do not incorporate unvalidated external input. - [Data Exposure & Exfiltration] (SAFE): The skill reads
.env.localand source files to verify the presence of configuration and privacy settings. It does not exfiltrate the content of these files or hardcoded credentials. - [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from the local repository (source code and configuration files) to generate reports. An attacker with write access to the repository could potentially influence the audit results or agent behavior through malicious file content.
- Ingestion points:
package.json,.env.local,next.config.*, and all*.ts/*.tsxsource files. - Boundary markers: Delimiters or 'ignore instructions' warnings are not used when processing file content.
- Capability inventory: Local file reading via
grep, local script execution, and PostHog MCP tool interaction. - Sanitization: No escaping or validation is performed on the ingested file contents.
Audit Metadata