telemetry-foundations
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- Standardized Telemetry Framework: The skill defines a consistent language for traces, metrics, and logs based on the OpenTelemetry data model. It provides clear naming conventions and structural requirements for observability data, which is a common practice in enterprise application development.
- Proactive PII Handling: A core component of the skill is the PII denylist in
references/pii-denylist.md. This establishes a 'default-deny' posture for sensitive data fields such as emails, passwords, and tokens, requiring explicit redaction strategies (hashing or dropping) before they can be emitted in telemetry. - Trusted External References: The skill references established technology standards and organizations, including OpenTelemetry.io, the W3C Trace Context specification, and the UCUM standards for metric units. These are well-known, authoritative sources in the observability domain.
- Lack of Executable Content: The analysis confirms that the skill consists entirely of documentation and guidance. There are no scripts, shell commands, automated package installations, or dynamic context injections present in the files.
Audit Metadata