qa-observability
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or vulnerabilities were detected. The skill consists of high-quality documentation and templates for observability practices.
- [EXTERNAL_DOWNLOADS]: The skill correctly references documentation and resources from trusted organizations including Google (SRE guidelines), OpenTelemetry, Prometheus, Grafana, k6, and NIST. It uses official GitHub repositories and domains for these services.
- [COMMAND_EXECUTION]: Provides standard command-line examples for installing common development packages (via npm, pip) and managing infrastructure (via kubectl and docker-compose) related to setting up observability stacks.
- [DATA_EXFILTRATION]: Includes templates for load testing utilities (k6, Artillery) which are designed to make network requests to target APIs as part of performance validation. These activities are transparently documented and follow standard testing practices.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials were found. Templates use environment variable placeholders (e.g., $AUTH_TOKEN, $GRAFANA_API_KEY) or standard test tokens for illustrative purposes.
Audit Metadata