observability-patterns
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): Several setup scripts automate the installation of third-party packages from PyPI.
scripts/setup-agentops.sh: Executespip install -U agentops.scripts/setup-phoenix.sh: Executespip install openinference-instrumentation-google-adk google-adk arize-phoenix-otel.scripts/setup-weave.sh: Executespip install opentelemetry-sdk opentelemetry-exporter-otlp-proto-http.- DATA_EXFILTRATION (MEDIUM): The primary purpose of this skill is to log agent interactions, including user inputs and LLM responses, to external services (BigQuery, AgentOps, Arize Phoenix, Weights & Biases).
- Ingestion points:
templates/bigquery-analytics-config.pyand other config files ingestLLM_REQUESTandLLM_RESPONSEdata. - Capability inventory: Exports data via network operations to third-party endpoints (e.g.,
https://trace.wandb.ai,app.agentops.ai). - Boundary markers: Absent in templates.
- Sanitization: The skill provides a commendable example of a
sanitize_contentfunction intemplates/bigquery-analytics-config.pyto redact PII and keys, but its implementation is optional and depends on user configuration. - COMMAND_EXECUTION (LOW): Scripts like
scripts/setup-bigquery-analytics.shandscripts/setup-cloud-trace.shexecute system commands (gcloud,bq,gsutil) to configure cloud infrastructure and modify IAM permissions (e.g., grantingroles/bigquery.dataEditor). while legitimate for setup, these require high-privilege credentials.
Audit Metadata