instrument-llm-analytics
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Flagged categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs several well-known packages from standard registries (NPM and PyPI) including '@posthog/ai', 'posthog', and various 'opentelemetry-instrumentation' modules. These are official tools used for the skill's primary function of telemetry collection.
- [COMMAND_EXECUTION]: The skill executes package manager commands ('npm install', 'pip install') to add necessary dependencies to the user's project. These actions are triggered based on the specific LLM stack detected in the codebase.
- [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect injection as it reads project lockfiles and dependency metadata to determine the instrumentation path.
  - Ingestion points: Project lockfiles, dependency files (package.json, requirements.txt), and local source code imports analyzed in Step 1.
  - Boundary markers: Not present. The skill does not explicitly instruct the agent to ignore instructions embedded in the analyzed code or configuration files.
  - Capability inventory: The agent can execute package installation commands and write telemetry configuration and environment variables to the filesystem.
  - Sanitization: Not present. The skill relies on standard package manager behavior and does not mention specific validation of detected dependency names or versions before use.
Audit Metadata