claude-langfuse
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. The skill correctly implements API authentication and data handling for the Langfuse observability platform.
- [DATA_EXFILTRATION]: The skill accesses local session metadata in
~/.claude/langfuse/sessions/and sources environment variables from~/.secretsto authenticate with Langfuse. It transmits session trace data to the officialcloud.langfuse.comdomain for analysis purposes. - [PROMPT_INJECTION]: Potential surface for indirect prompt injection exists in the reflection feature. The skill processes untrusted historical session data (user prompts) and suggests modifications to agent system instructions based on detected patterns.
- Ingestion points:
utils/reflect.pyfetches historical trace data containing user prompts via the Langfuse API. - Boundary markers: Absent; the script scans raw prompt text using regex patterns.
- Capability inventory: The skill uses
WriteandEdittools to apply proposed changes to agent files likeCLAUDE.mdandagents/*.md. - Sanitization: The skill mitigates risk by requiring explicit user approval before any proposed changes are applied to files.
Audit Metadata