grafana-observability
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads and executes the mcp-grafana server. The source code is hosted on Grafana's official GitHub repository, which is a recognized well-known service.\n- [COMMAND_EXECUTION]: Uses the uvx tool to run the MCP server in a subprocess to handle dashboard, metric, and log operations.\n- [PROMPT_INJECTION]: Potential surface for indirect prompt injection due to the processing of untrusted external data.\n
- Ingestion points: Data is ingested from external sources via query_loki_logs, search_dashboards, and query_prometheus.\n
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious content embedded within the logs or metrics.\n
- Capability inventory: The skill possesses write capabilities including update_dashboard, create_alert_rule, create_incident, and add_activity_to_incident.\n
- Sanitization: No evidence of sanitization or validation of the retrieved data before it is presented to the agent context.
Audit Metadata