diagnosing-sdk-health
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the posthog:execute-sql tool to run specific queries provided by the health report. The instructions emphasize security by explicitly forbidding the agent from wrapping, truncating, or modifying these queries, and it notes that a backend sanitizer is in place to reject potentially unsafe version strings.
- [EXTERNAL_DOWNLOADS]: References and links point exclusively to official PostHog documentation on posthog.com. This is a trusted vendor domain and represents standard product support functionality.
- [DATA_EXPOSURE]: The skill accesses project-specific SDK metadata and allows for querying event data via established PostHog tools. This data access is scoped to the user's authenticated environment and is used for its intended diagnostic purpose.
- [PROMPT_INJECTION]: Instructions directing the agent to quote certain fields verbatim (e.g., banners, status reasons) are included to ensure consistency between the agent's output and the PostHog UI, rather than attempting to override safety guidelines.
Audit Metadata