commandkit-analytics
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard documentation and code examples for analytics instrumentation.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets were found. The implementation examples correctly demonstrate using environment variables (e.g.,
process.env.POSTHOG_API_KEY) for sensitive configuration. - [DATA_EXFILTRATION]: The skill is designed for telemetry transmission to established providers (PostHog/Umami). It includes an explicit guardrail in
SKILL.mdadvising developers not to collect secrets or unnecessary personal data.
Audit Metadata