Skills
skills/ajshedivy/agno-cookbook/agentos-api-traces/Gen Agent Trust Hub

agentos-api-traces

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by retrieving and displaying execution traces from an external API.
  • Ingestion points: The CLI script scripts/view_traces.py fetches trace data from the /traces and /traces/{trace_id} endpoints.
  • Boundary markers: Data from traces (such as user inputs) is displayed to the user without explicit isolation delimiters or safety warnings.
  • Capability inventory: The skill utilizes the AgentOSClient which is capable of network operations and managing agent executions.
  • Sanitization: No sanitization is applied to the trace data before it is rendered.
  • [DATA_EXFILTRATION]: The skill facilitates the retrieval of execution traces that may contain sensitive data such as model inputs, outputs, and tool call arguments from past sessions. This is a standard feature for tracing and observability.
  • [COMMAND_EXECUTION]: The provided Python script performs network requests to an AgentOS server at a user-defined URL to fetch observability data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 05:42 AM