assessing-heatmaps
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions define a standard analytical workflow using internal PostHog tools. There are no instances of credential exfiltration, malicious remote code execution, or privilege escalation.
- [PROMPT_INJECTION]: An indirect prompt injection surface was identified.
  - (1) Ingestion points: Website element text ($el_text) is ingested via SQL queries in SKILL.md.
  - (2) Boundary markers: The instructions do not define specific delimiters for separating untrusted element text from the agent's internal reasoning.
  - (3) Capability inventory: The skill possesses capabilities for data retrieval and creating saved heatmaps within the PostHog environment.
  - (4) Sanitization: The skill does not prescribe specific sanitization or filtering logic for the ingested element text.
Audit Metadata