integration-android
Fail
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE]: No security issues were detected in the skill instructions or provided code examples. The skill follows industry best practices by instructing users to use environment variables for API keys and recommending early initialization in the Application class.
- [EXTERNAL_DOWNLOADS]: The skill integrates the official PostHog Android SDK (
com.posthog:posthog-android). This is a verified dependency from a well-known vendor used for its intended purpose. - [DATA_EXFILTRATION]: The skill captures and transmits user events and identification data to PostHog's official analytics endpoints. This data transmission is the primary function of the skill and is performed using standard SDK methods.
- [SAFE]: The automated security alert flagging
proguard-rules.prois a false positive. The content provided in the skill for this file consists of standard Android boilerplate comments and a link to official Google developer documentation.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata