exploring-llm-traces
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses established PostHog MCP tools (posthog:query-llm-traces-list, posthog:query-llm-trace, posthog:execute-sql) to retrieve data. These tools are authenticated and managed by the agent platform, and their use in this context is consistent with the skill's stated purpose of LLM observability.
- [SAFE]: The Python scripts in the scripts/ directory (extract_conversation.py, extract_span.py, print_summary.py, print_timeline.py, search_traces.py, and show_structure.py) are simple diagnostic tools. They use standard libraries (json, os, sys) to parse JSON files and print formatted output to the console. They do not perform any network operations, file modifications, or subprocess executions.
- [SAFE]: No evidence of prompt injection, obfuscation, or hardcoded credentials was found in the documentation or scripts. The instructions emphasize discovering the project's specific schema using 'posthog:read-data-schema' before constructing queries, which is a safe and recommended practice.
- [SAFE]: The skill processes external data (LLM traces), which could theoretically contain malicious instructions (indirect prompt injection). However, the provided scripts are read-only and do not execute or act upon the content of the traces, mitigating the risk of capability abuse.
Audit Metadata