instrument-error-tracking
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install PostHog SDKs from official registries (NPM, PyPI, Maven, etc.) depending on the detected project environment.
- [COMMAND_EXECUTION]: Automated execution of package manager commands (e.g.,
npm install,pip install,bundle install) is used to set up the necessary dependencies. - [DATA_EXPOSURE]: The skill manages project configuration by reading and writing to environment variable files (e.g.,
.env,.env.local), utilizing standard practices for secret management and avoiding hardcoded credentials. - [REMOTE_CODE_EXECUTION]: Includes a standard JavaScript tracking snippet that dynamically loads the PostHog library from the vendor's assets CDN (
*-assets.i.posthog.com). This is a documented and expected pattern for web-based analytics and error tracking tools. - [DATA_EXFILTRATION]: Configures the application to transmit exception telemetry and error logs to PostHog's ingestion endpoints (
*.i.posthog.com), which is the intended primary functionality of the skill.
Audit Metadata