langfuse

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM | PROMPT_INJECTION | DATA_EXFILTRATION
Full Analysis
  • [Indirect Prompt Injection] (MEDIUM): The skill captures untrusted LLM input and output data for tracing. Ingestion points: trace.generation and openai.chat.completions.create in SKILL.md. Capabilities: Captured data is transmitted to an external host via network operations. Sanitization: No data scrubbing or sanitization logic is demonstrated. Boundary markers: The snippets lack delimiters or instructions to ignore embedded prompts within the traces.
  • [Data Exposure & Exfiltration] (LOW): The skill facilitates network connections to cloud.langfuse.com, which is not on the whitelist of trusted domains. While appropriate for the tool's purpose, it remains an external network capability. API keys in the examples use placeholders (e.g., sk-...) and do not expose real credentials.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 06:52 AM