instrument-error-tracking
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected during the analysis. The skill's operations are consistent with its stated purpose of instrumenting error tracking.
- [COMMAND_EXECUTION]: The skill executes standard commands for package installation (e.g.,
npm install,pip install,go get,bundle install) using the project's detected package manager. These are legitimate operations for SDK setup. - [EXTERNAL_DOWNLOADS]: The skill references and downloads official PostHog SDKs from trusted public registries (NPM, PyPI, RubyGems, etc.). It also directs the agent to official PostHog documentation for research.
- [CREDENTIALS_UNSAFE]: The instructions explicitly forbid hardcoding API keys, instead directing the agent to use environment variables or retrieve them securely via an MCP tool or user input.
Audit Metadata