adding-feature-flags
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected in this skill. The instructions and code examples provided are consistent with standard development practices for feature toggling and A/B testing.
- [EXTERNAL_DOWNLOADS]: The skill suggests installing 'posthog-js' and references 'posthog-node'. These are official libraries for PostHog, a well-known and widely used product analytics platform.
- [CREDENTIALS_UNSAFE]: The skill correctly demonstrates how to handle sensitive API keys using environment variables (e.g., 'process.env.POSTHOG_API_KEY') and recommends using '.env' files for local configuration, which is the industry standard for secure secret management in development.
Audit Metadata