cleaning-up-stale-feature-flags
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected. The skill's behavior is entirely consistent with its stated purpose.
- [COMMAND_EXECUTION]: The skill uses specific PostHog tools (
posthog:feature-flag-get-all,posthog:update-feature-flag, etc.) to perform operations. These tools are scoped to the PostHog platform and are used appropriately within the workflow. - [DATA_EXFILTRATION]: There is no evidence of data exfiltration. The skill processes feature flag data through authorized tools and does not attempt to send information to unauthorized external domains.
- [PROMPT_INJECTION]: The skill does not contain instructions to bypass agent safety filters or override core behavior. It provides clear, structured guidance for task completion.
- [INDIRECT_PROMPT_INJECTION]: While the skill processes external data (feature flag definitions from the PostHog API), it includes strong mitigation by requiring explicit user confirmation before any action is taken based on that data.
Audit Metadata