tracekit-browser-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the installation of '@tracekit/browser' and '@tracekit/replay' from the NPM registry. These packages are part of the author's own verified ecosystem for performance monitoring.
- [COMMAND_EXECUTION]: The instructions include standard commands for package management ('npm install') and source map management ('npx tracekit-cli'). These operations are legitimate and intended for application instrumentation and build-time tasks.
- [CREDENTIALS_UNSAFE]: The skill emphasizes the secure handling of API keys, recommending the use of environment variables and build-tool injection instead of hardcoding secrets. It provides clear guidance on using .env files for local development and CI/CD secrets for production.
Audit Metadata