Skills
skills/arindam200/nebius-skills/nebius-observability/Gen Agent Trust Hub

nebius-observability

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of standard Python packages requests and pyyaml for its operation. These are well-known and trusted libraries from the official Python registry.
  • [PROMPT_INJECTION]: The skill retrieves metrics and PromQL results from external Nebius monitoring endpoints, creating a surface for indirect prompt injection.
  • Ingestion points: External monitoring data is fetched from monitoring.tokenfactory.nebius.com and read.monitoring.api.nebius.cloud as described in SKILL.md and references/prometheus-grafana.md.
  • Boundary markers: No delimiters or boundary instructions are provided to isolate the external API data within the prompt context.
  • Capability inventory: The skill uses requests for data retrieval and prints output; it does not exhibit capabilities like file modification or system command execution in the provided files.
  • Sanitization: There is no evidence of sanitization or validation performed on the ingested metrics data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 02:03 AM