exploring-mcp-sessions
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions are purely task-oriented and do not contain any patterns typical of prompt injection, such as instructions to ignore previous rules or bypass safety guidelines.
- [DATA_EXFILTRATION]: No unauthorized data access or exfiltration patterns were detected. The only URL referenced is for the official PostHog application ('app.posthog.com'), which is standard vendor infrastructure.
- [COMMAND_EXECUTION]: The skill uses the 'posthog:execute-sql' tool to perform read-only HogQL (PostHog SQL) queries on event data. This is a legitimate use of the vendor's provided tools for data analysis and does not involve arbitrary shell command execution.
- [SAFE]: The skill documentation follows best practices for data exploration, providing clear workflows for session listing and debugging without introducing security risks.
Audit Metadata