Skills
skills/miketromba/skills/posthog/Gen Agent Trust Hub

posthog

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches documentation and implementation guides from PostHog's official website (posthog.com) to provide the agent with current API and configuration details.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it ingests and processes external documentation content to generate code and commands.
  • Ingestion points: Documentation content retrieved from posthog.com/docs and its sub-pages in SKILL.md.
  • Boundary markers: Absent; the skill does not specify delimiters to isolate fetched content from agent instructions.
  • Capability inventory: The agent extracts package names, installation commands, and code snippets based on the external documentation.
  • Sanitization: None; the skill relies on the sub-agent to summarize fetched content without explicit validation steps.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 07:07 PM
Security Audit — agent-trust-hub — posthog