omnibus-instrument-logs
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes package manager commands (
npm install,pip install,go get,mvn) to install OpenTelemetry SDKs and exporters as part of the setup process. - [EXTERNAL_DOWNLOADS]: The skill downloads official OpenTelemetry libraries from standard registries (NPM, PyPI, Maven Central, Go Proxy) to enable logging functionality.
- [DATA_EXFILTRATION]: The skill is designed to transmit application logs to PostHog's ingestion endpoint (
https://us.i.posthog.com/i/v1/logs). This is the intended primary purpose of the skill and uses standard OTLP headers for authentication. - [CREDENTIALS_UNSAFE]: The skill explicitly instructs the agent to use environment variables for PostHog API keys and OTLP endpoints, leveraging MCP tools (
check_env_keys,set_env_values) rather than hardcoding secrets in source code. - [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it ingests and analyzes untrusted data from the local codebase and pull requests to determine logging requirements.
- Ingestion points: Reads files from the codebase to detect platforms and logging libraries; analyzes PR content (SKILL.md).
- Boundary markers: None specified in instructions to distinguish between code and potential embedded instructions.
- Capability inventory: Perform file writes, install packages via shell, and set environment variables.
- Sanitization: No explicit sanitization or validation of the codebase content before processing.
Audit Metadata