managing-path-cleaning-rules

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection because it instructs the agent to process $pathname data which originates from external website visitors. A malicious user could visit a URL designed to look like an instruction.
      • Ingestion points: SQL query results from the events table in SKILL.md (Workflow Step 2).
      • Boundary markers: Absent.
      • Capability inventory: execute-sql and project-settings-update tools.
      • Sanitization: Absent.
  • [SAFE]: The skill uses platform management tools (execute-sql, project-settings-update) for their intended purposes within the environment.
  • [SAFE]: External references to documentation for regex syntax point to well-known service repositories.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 07:41 PM
Security Audit — agent-trust-hub — managing-path-cleaning-rules