Skills
skills/superloglabs/skills/otel-nextjs-style/Gen Agent Trust Hub

otel-nextjs-style

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFECREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill explicitly instructs users to inline an API ingest key (SUPERLOG_KEY) directly into the source code (instrumentation.ts) and advises against using standard environment variables for this purpose.
  • Evidence: "Inline the endpoint and ingest key in instrumentation.ts — pass them explicitly to registerOTel. Don't rely on OTEL_EXPORTER_OTLP_* env vars"
  • Note: While the value provided in the code is a placeholder (superlog_live_…), this practice bypasses standard secret management recommendations.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of multiple third-party and vendor-specific NPM packages to function.
  • Evidence: References to @superlog/otel-helpers, @vercel/otel, @arizeai/openinference-instrumentation-anthropic, and various @opentelemetry/* packages.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 04:37 PM