instrument

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE | PROMPT_INJECTION | DATA_EXFILTRATION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads and processes untrusted codebase files to drive its instrumentation logic and code modification tasks.
      • Ingestion points: Scans local project files and imports using Read, Grep, and Glob tools to identify languages and frameworks (SKILL.md).
      • Boundary markers: No specific delimiters or instructions are employed to prevent the agent from obeying instructions embedded within the codebase being analyzed.
      • Capability inventory: The skill utilizes Edit, Write, and Bash tools to perform modifications and configure the environment.
      • Sanitization: There is no evidence of sanitization or validation of the codebase content before it influences the agent's actions.
  • [DATA_EXFILTRATION]: The skill interacts with sensitive configuration files such as .env and ~/.opik.config to manage OPIK_API_KEY, OPIK_WORKSPACE, and OPIK_URL_OVERRIDE settings (Step 7).
  • [COMMAND_EXECUTION]: The skill uses Bash for environment discovery and configuration management, although it correctly defers the execution of package installation commands to the user (Step 8).
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 04:43 PM