workleap-logging
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- EXTERNAL_DOWNLOADS (SAFE): The skill references standard npm packages (@workleap/logging, @workleap/telemetry, @squide/firefly) from a known organization. These are typical library dependencies for Workleap frontend applications.
- DATA_EXFILTRATION (SAFE): While the skill describes logging, it explicitly advises against logging sensitive data like passwords, tokens, or PII. No code for sending data to untrusted third-party domains was found.
- PROMPT_INJECTION (SAFE): No instructions attempting to override agent behavior or bypass safety filters were detected.
- FALSE POSITIVE ALERT: The automated scanner identified 'logger.info' as a malicious URL. This is an error; 'logger.info' is a common method signature in programming and does not represent a network location.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata