observability-alert-manager
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): The skill includes hardcoded default credentials (
admin:admin) within acurlcommand example targeting the Grafana API. - [COMMAND_EXECUTION] (MEDIUM): The skill references and provides examples for executing several local shell scripts (
scripts/create-alert.sh,scripts/list-alerts.sh,scripts/test-alerts.sh,scripts/import-alert-templates.sh) and usescurlto interact with a local service. - [DATA_EXPOSURE] (LOW): The skill targets internal infrastructure via
http://localhost:3000. While localhost access is often intended for local tools, it represents a surface for interacting with unauthenticated or default-credentialed internal services. - [INDIRECT_PROMPT_INJECTION] (LOW):
- Ingestion points: Alert names and LogQL queries provided as parameters, as well as log data consumed from Loki.
- Boundary markers: None identified in the provided markdown.
- Capability inventory: Execution of local shell scripts and network requests via
curl. - Sanitization: No evidence of sanitization for user-provided parameters used in shell commands or queries.
Recommendations
- AI detected serious security threats
Audit Metadata