workleap-telemetry
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a technical reference for a telemetry integration library. No malicious behavior, obfuscation, or security vulnerabilities were identified during the review.
- [EXTERNAL_DOWNLOADS]: The documentation refers to well-known industry services such as Honeycomb, LogRocket, and Mixpanel, as well as the vendor's own NPM packages (@workleap/telemetry, @workleap/logging). These references are standard for the described functionality and originate from trusted or well-known sources.
- [CREDENTIALS_UNSAFE]: While the skill discusses the use of API keys and proxies for telemetry services, it correctly uses placeholders (e.g., 'hcaik_...', 'your-app-id') and provides security best practices, such as using proxies instead of direct API keys in the frontend.
- [PROMPT_INJECTION]: The content is strictly technical and instructional. It does not contain instructions aimed at overriding agent behavior, bypassing safety protocols, or extracting system prompts.
Audit Metadata