feature-usage-feed
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Employs
posthog:execute-sqlfor database inspection to identify feature prefixes and verify event volume. - [DATA_EXFILTRATION]: Facilitates the automated transfer of summarized trace data from PostHog's internal analytics environment to external Slack channels via the PostHog Workflows system.
- [PROMPT_INJECTION]: Identifies an indirect prompt injection surface where untrusted data from user-generated
$ai_generationtraces is processed by an LLM-judge for notification summaries. Ingestion points are the trace data fetched viaposthog:query-llm-traces-list. Boundary markers and sanitization steps are absent from the prompt template. Capability inventory includes evaluation management and Slack dispatch via PostHog's internal systems.
Audit Metadata