diagnosing-missing-recordings
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Utilizes the posthog:execute-sql tool to perform read-only diagnostic queries on the project's event data. The queries are scoped to session-specific metadata and are used to interpret SDK state.
- [PROMPT_INJECTION]: Identifies an indirect prompt injection surface, since the skill processes and interprets externally-supplied event properties (e.g., $recording_status).
  - Ingestion points: Event properties fetched from the events table via posthog:execute-sql (SKILL.md).
  - Boundary markers: Absent in the provided SQL templates and interpretation logic.
  - Capability inventory: Includes SQL execution and recording retrieval capabilities across SKILL.md and references/examples.md.
  - Sanitization: The skill does not explicitly instruct the agent to sanitize or escape data retrieved from the database before analysis.
Audit Metadata