arize-instrumentation

Pass

Audited by Gen Agent Trust Hub on May 26, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads documentation, integration mappings, and code snippets from the official vendor website (arize.com). It utilizes standard package managers (pip, npm, go get) to install instrumentation libraries from public registries.
  • [COMMAND_EXECUTION]: Executes shell commands to install software and configure the local environment via the Arize CLI (ax). All commands are purpose-built for tracing setup and include security-conscious instructions, such as avoiding the use of raw credentials in shell commands.
  • [SAFE]: The skill demonstrates strong security posture by explicitly prohibiting the hardcoding of credentials in generated source code. It also implements a multi-phase workflow that prioritizes codebase inspection before performing any modifications.
  • [SAFE]: Provides user-guided configuration for persisting environment variables in shell profiles (e.g., ~/.zshrc). This persistence is intended for developer convenience and is only established after explicit user confirmation at the end of a session.
Audit Metadata
Risk Level
SAFE
Analyzed
May 26, 2026, 10:07 AM
Security Audit — agent-trust-hub — arize-instrumentation