datadog-automation
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to connect to a third-party MCP server at
https://rube.app/mcp. This endpoint provides the necessary tools for Datadog integration but introduces an external dependency outside of the primary environment. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads untrusted data from external sources without explicit sanitization or boundary markers. * Ingestion points:
SKILL.md(via tools likeDATADOG_SEARCH_LOGS,DATADOG_LIST_EVENTS, andDATADOG_GET_DASHBOARD). * Boundary markers: None present in the instructions to distinguish between system instructions and data. * Capability inventory: Includes powerful tools to delete dashboards, update monitors, and create events, which could be abused if malicious instructions are ingested. * Sanitization: No sanitization or validation logic is specified for the external data being processed.
Audit Metadata