implementing-warehouse-sources
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents legitimate development workflows for extending the PostHog platform's data ingestion capabilities.
- [SAFE]: It promotes secure credential management by explicitly instructing developers to avoid hardcoding API keys and providing technical mechanisms (such as
connection_host_fields) to prevent accidental secret exposure during configuration updates. - [SAFE]: The instructions mandate the use of 'tracked' network clients for all HTTP and gRPC operations, ensuring that all external communication is monitored, scoped to the correct team/job, and protected against common vulnerabilities.
- [SAFE]: The document includes security controls like
_is_host_safeandValidateDatabaseHostMixinto mitigate Server-Side Request Forgery (SSRF) risks by validating that connection targets are not pointed at internal or private network infrastructure.
Audit Metadata