logs-nextjs
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of documentation and implementation examples for a well-known service (PostHog). It provides instructions for setting up log ingestion using standard OpenTelemetry protocols.
- [EXTERNAL_DOWNLOADS]: The documentation includes instructions to install official OpenTelemetry packages from the npm registry (e.g.,
@opentelemetry/sdk-logs), which is a standard development practice. - [DATA_EXFILTRATION]: The skill instructs the agent/user to configure a network exporter pointing to
https://us.i.posthog.com/i/v1/logs. This is the legitimate ingestion endpoint for the PostHog service and is consistent with the skill's primary purpose. - [CREDENTIALS_UNSAFE]: The skill explicitly warns against hardcoding API keys and recommends using environment variables. It uses clear placeholders like
<ph_project_token>in code snippets to represent user-provided credentials.
Audit Metadata