api-tracing-otel
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to generate code templates for observability. No malicious patterns, obfuscation, or unauthorized data access were identified during analysis.\n- [PROMPT_INJECTION]: The skill utilizes string interpolation of user-supplied variables into file paths and source code, which presents a surface for indirect prompt injection. This risk is considered low as it is intrinsic to the skill's primary function as a code generator.\n
- Ingestion points: User-provided input for
{feature}and{operation}variables used in SKILL.md templates.\n - Boundary markers: No explicit delimiters or instructions are used to distinguish user input from the rest of the generated code.\n
- Capability inventory: The skill has permissions to write and edit files on the system.\n
- Sanitization: There is no evidence of input validation or sanitization for the parameters used in the interpolation process.
Audit Metadata