report-agent-risk-data
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use
ripgrep(rg) to scan the codebase for specific strings related to span instrumentation, such asspanTypeandwithSpan. - [COMMAND_EXECUTION]: The skill utilizes the
prefactorCLI to create, list, and retrieve agent schema versions, which involves transmitting metadata about data categories and action profiles to the vendor's platform. - [SAFE]: The skill is a legitimate tool for compliance tracking and data governance; it processes source code to infer and record metadata (risk classification) rather than exfiltrating actual sensitive content, and it relies on vendor-owned packages and infrastructure.
Audit Metadata