instrument-product-analytics
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads official PostHog SDKs and dependencies from public registries (npm, PyPI, RubyGems, etc.). These sources are recognized as well-known and trusted technology services.
- [COMMAND_EXECUTION]: The skill executes standard package manager installation commands (e.g.,
npm install,pip install,composer require) and code quality tools (e.g., linters and formatters) as part of the instrumentation and verification process. - [SAFE]: The skill instructions correctly prioritize the use of environment variables for managing API keys and hosts, adhering to secure development practices. It does not attempt to access sensitive system files or exfiltrate private user data.
Audit Metadata