Skills
skills/vm0-ai/vm0-skills/posthog/Gen Agent Trust Hub

posthog

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill facilitates communication with the official PostHog API (us.posthog.com), a well-known and trusted product analytics platform.
  • [SAFE]: Sensitive authentication is handled securely using the $POSTHOG_TOKEN environment variable, which prevents hardcoding of secrets.
  • [SAFE]: File system usage is restricted to creating temporary JSON files in /tmp for assembling API request payloads, which is a standard and benign practice for CLI tools.
  • [SAFE]: The skill's commands (curl and jq) are used exclusively for legitimate API interactions and do not involve unauthorized command execution or data exfiltration.
  • [SAFE]: No evidence of prompt injection, obfuscation, or persistence mechanisms was found in the documentation or code snippets.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 04:44 PM