integration-react-react-router-6
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions consistently emphasize security best practices, specifically mandating the use of environment variables for PostHog project tokens and advising against hardcoding credentials in the source code.
- [SAFE]: External references and documentation links point to official PostHog domains (posthog.com) and the official PostHog GitHub organization, which are trusted sources for this integration.
- [SAFE]: The identified dependencies, 'posthog-js' and '@posthog/react', are the standard, official client-side SDKs for PostHog analytics.
- [SAFE]: The skill defines a clear, multi-step integration process for the agent, including planning, implementation, and verification, which includes using a PostHog-specific MCP tool for dashboard creation within the intended service scope.
- [SAFE]: While the skill involves reading and analyzing project files to create a tracking plan (a surface for indirect prompt injection), it provides a standard operational workflow for an integration agent and does not exhibit malicious intent or bypass patterns.
Audit Metadata