opik
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed to integrate LLM applications with Opik, which is its explicitly stated and verified purpose. No behaviors deviate from the expected functionality of an observability tool.
- [DATA_EXFILTRATION]: The skill transmits execution traces and metadata to the vendor's official domain (comet.com). This operation is transparently documented and necessary for the service's functionality, and it targets a trusted vendor endpoint.
- [EXTERNAL_DOWNLOADS]: The skill references several Python and Node.js packages for installation. These are official vendor-maintained libraries or well-known third-party framework dependencies, and no suspicious remote execution patterns were observed.
- [CREDENTIALS_UNSAFE]: The documentation correctly identifies best practices for secret management, recommending the use of environment variables and .env files rather than hardcoding sensitive information.
Audit Metadata