ai-observability-and-debugging

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides comprehensive technical guidance for implementing OpenTelemetry (OTel) tracing and observability for AI features. It includes safety-oriented recommendations such as redacting PII from logs, avoiding plaintext logging of full prompts, and ensuring replay tools operate in a read-only environment to prevent production side effects.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: No sensitive data access or exfiltration patterns were identified. The instructions appropriately recommend storing high-cardinality and sensitive payloads in S3 with access-controlled references in trace attributes rather than logging them directly.
  • [PROMPT_INJECTION]: No prompt injection or behavior override patterns were detected. The skill focuses on developer-facing instrumentation and operational tooling.
  • [INDIRECT_PROMPT_INJECTION]: The skill describes building an observability stack that processes untrusted data (AI prompts and responses) for debugging and citations. While this constitutes an attack surface, the instructions specifically mitigate risks through best practices like structured data (JSON) for citations and recommending the redaction of sensitive information.
  • Ingestion points: S3 payload storage and audit log databases referenced in SKILL.md (§3).
  • Boundary markers: The use of structured JSON for citations and claims is recommended to prevent schema confusion.
  • Capability inventory: The proposed Replay CLI and "Show me why" UI are described as diagnostic tools with read-only requirements.
  • Sanitization: The skill explicitly instructs users to avoid logging PII in attributes and to redact sensitive data from logs.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 04:57 PM
Security Audit — agent-trust-hub — ai-observability-and-debugging