Skills
skills/dash0hq/agent-skills/otel-instrumentation/Gen Agent Trust Hub

otel-instrumentation

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of official OpenTelemetry components and tools from well-known sources:
  • Fetches the .NET auto-instrumentation installation script from the OpenTelemetry GitHub repository.
  • Downloads the Java instrumentation agent (opentelemetry-javaagent.jar) from the official OpenTelemetry releases.
  • Recommends the installation of vendor-specific SDKs (e.g., @dash0/sdk-web) from the npm registry.
  • [COMMAND_EXECUTION]: Provides a series of shell commands for setting up observability environments, including:
  • Script execution for .NET and Java instrumentation setup (e.g., sourcing instrument.sh).
  • Package management commands using npm, pip, composer, bundle, and pecl to install required dependencies.
  • System-level commands for installing build tools on Linux (e.g., sudo apt-get install gcc make autoconf) required for compiling PHP extensions.
  • [CREDENTIALS_UNSAFE]: The documentation describes how to configure authentication for OTLP exporters using headers (e.g., OTEL_EXPORTER_OTLP_HEADERS="Authorization=Bearer <token>"). The skill appropriately uses placeholders for these values and includes a dedicated guide (rules/resolve-values.md) on securely managing secrets using environment variables and Kubernetes Secrets.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 10:15 AM