semantic-conventions
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads semantic convention metadata and specification files from the official OpenTelemetry GitHub repository (
open-telemetry/semantic-conventions) using GitHub's API and raw content domains. This is a legitimate use case for providing up-to-date instrumentation guidance.\n- [COMMAND_EXECUTION]: The included bash script,./scripts/query-otel-semantic-conventions.sh, executes standard utilities likecurl,jq, andawkto process remote data. The script implements proper input normalization and argument handling to prevent injection vulnerabilities.\n- [DATA_EXFILTRATION]: No sensitive data exposure or exfiltration patterns were identified. Network operations are limited to the intended public resources of the OpenTelemetry project, and no access to local secrets or sensitive file paths is requested.
Audit Metadata