copying-flags-across-projects
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected in the skill instructions. The skill utilizes official PostHog tools to perform intended tasks.
- [COMMAND_EXECUTION]: The workflow involves using specific API tools to fetch and create feature flag definitions. These operations are gated by a required human-in-the-loop confirmation step and clear previews of the data being moved, which prevents accidental or unintended changes to production environments.
- [DATA_EXFILTRATION]: Data movement is strictly limited to projects within the same organization. The skill documentation explicitly notes that cross-organization transfers are not supported, and it provides guidance on necessary API key scopes to ensure authorized access.
Audit Metadata