go-observability
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill includes instructions for initializing OpenTelemetry exporters which facilitate the transfer of telemetry data over the network to a collector. This is standard functionality for distributed tracing and uses well-known observability protocols.
- [INDIRECT_PROMPT_INJECTION]: The skill involves the processing of external request data for observability purposes, creating a surface where untrusted input is incorporated into logs and traces.
- Ingestion points: Request metadata (e.g., URL paths, HTTP methods) and user-provided fields (e.g., email) are captured in the logging and tracing examples in
SKILL.md. - Boundary markers: Structured logging techniques (slog) are used to separate data attributes from the log message structure.
- Capability inventory: Data is directed to standard output streams and configured network telemetry endpoints.
- Sanitization: The skill provides explicit guidance and code examples for redacting credentials and personally identifiable information (PII) before it is recorded.
Audit Metadata