tracekit-browser-sdk
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides legitimate instructions for integrating an Application Performance Monitoring (APM) tool into web applications.
- [EXTERNAL_DOWNLOADS]: In SKILL.md, the skill references standard package managers to install @tracekit/browser and @tracekit/replay. These are verified vendor resources belonging to the author.
- [COMMAND_EXECUTION]: In SKILL.md, the skill utilizes a local helper script ./scripts/run-tracekit-auth.sh for checking authentication status and managing user registration. This facilitates a streamlined setup process and is consistent with the skill's purpose.
- [DATA_EXFILTRATION]: In SKILL.md, the SDK is configured to transmit telemetry and error data to the vendor's official endpoint (https://app.tracekit.dev/v1/traces). This is the core functionality of an APM service and does not involve unauthorized data transfer.
- [PROMPT_INJECTION]: In SKILL.md, the instructions regarding the authentication flow are operational guidelines intended to improve user experience. They do not attempt to bypass safety protocols or hide malicious behavior from the user.
Audit Metadata