Skills
skills/ag2ai/ag2-skills/ag2-telemetry/Gen Agent Trust Hub

ag2-telemetry

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions to install the ag2 package with tracing support via the command pip install "ag2[openai,tracing]".
  • [DATA_EXFILTRATION]: The TelemetryMiddleware is designed to transmit execution traces to external OTLP-compatible backends such as Jaeger, Grafana Tempo, or Datadog. By default, the middleware captures and exports the content of agent messages and tool interactions. The documentation includes clear guidance on disabling this behavior using the capture_content=False parameter to protect sensitive data.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface: The skill ingests untrusted data from agent conversations and tool outputs to populate telemetry spans. This establishes a surface where malicious content processed by the agent is included in logs sent to external monitoring systems.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 08:42 PM
Security Audit — agent-trust-hub — ag2-telemetry