instrument-distributed-tracing
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill instructions or provided code examples.
- [EXTERNAL_DOWNLOADS]: The skill utilizes official OpenTelemetry libraries and exporters from standard public registries (PyPI, NPM, and Go modules). These are industry-standard tools for observability.
- [COMMAND_EXECUTION]: Uses Bash for package installation and container orchestration via Docker Compose. These actions are legitimate and necessary for the stated purpose of setting up a distributed tracing environment.
- [DATA_EXPOSURE_AND_EXFILTRATION]: Configuration examples for backends like S3 use placeholder values and do not contain hardcoded credentials. All network communications are directed to user-controlled tracing endpoints.
Audit Metadata