promql-validator

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a legitimate administrative tool designed for validating PromQL syntax and best practices using locally bundled Python scripts.
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to execute local scripts (validate_syntax.py, check_best_practices.py) and standard utility commands (git rev-parse). These operations are used purely for validation logic and directory management within the skill's own directory structure. No evidence of unauthorized or dangerous command execution was found.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user input via the parameter. Ingestion point: SKILL.md workflow. Boundary markers: The agent is instructed to wrap input in double quotes for script execution, and output is presented in structured markdown sections. Capabilities: Script execution via python3. Sanitization: The validation scripts utilize regular expressions to parse PromQL syntax but do not provide explicit sanitization of the input string for LLM instructions. This represents a standard attack surface for utility skills, which is mitigated here by the analytical nature of the scripts and the mandatory Phase 1 verification dialogue.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 4, 2026, 08:56 AM