searching-mlflow-traces

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): Executes standard mlflow CLI commands for searching and retrieving traces. This behavior is consistent with the skill's primary purpose.
  • [EXTERNAL_DOWNLOADS] (LOW): Fetches content from https://mlflow.org/docs/latest/genai/tracing/search-traces.md using WebFetch. While the source is official documentation for the tool, it constitutes an external network request to a non-whitelisted domain.
  • [PROMPT_INJECTION] (LOW): Vulnerable to indirect prompt injection (Category 8).
    • Ingestion points: MLflow trace metadata, tags, and span attributes from mlflow traces search output, and content fetched via WebFetch.
    • Boundary markers: Absent. No delimiters or instructions are provided to the agent to treat this external data as untrusted.
    • Capability inventory: Ability to execute CLI commands (mlflow).
    • Sanitization: None. Data is interpolated directly into the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:21 PM