The Agent Skills Directory

[SAFE]: The skill provides integration instructions for official PostHog SDKs. All package references (e.g., posthog-js, posthog-node, @posthog/react) and URLs (e.g., posthog.com, github.com/PostHog) originate from the official vendor and are used for their intended analytics and integration purposes.
[SAFE]: Instructions in SKILL.md explicitly direct the agent to store API keys in environment variables (Step 6) and avoid hardcoding them, which aligns with standard security best practices for secret management.
[SAFE]: Example integration files (e.g., references/EXAMPLE-swift.md) include a public Project API Key (phc_jE9kXU0depRekiuabVROlxxkIXn95NqsNO3qB4qNKtl). These keys are intended for use in client-side code and do not grant administrative access; their presence in documentation provided by the vendor is standard practice for providing functional code examples.
[SAFE]: The skill utilizes official setup tools such as npx @posthog/wizard@latest and standard package managers (npm, pip, bundle, composer) to install verified SDKs from trusted registries.
[SAFE]: The skill analyzes project configuration files (e.g., package.json, requirements.txt) to determine the application framework. This diagnostic step is necessary for its primary purpose and does not exhibit patterns of malicious obedience or data exfiltration.

instrument-integration