datadog
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [Remote Code Execution] (CRITICAL): The skill employs a dangerous pattern in the Linux installation section:
bash -c "$(curl -L https://s3.amazonaws.com/dd-agent/scripts/install_script_agent7.sh)". Piped remote script execution allows for unverified code to run with system privileges, posing a major security threat. - [External Downloads] (HIGH): Instructions include downloading files from
s3.amazonaws.com,helm.datadoghq.com, and container images fromgcr.io. None of these locations are within the skill's trusted source scope, and the assets are immediately used in high-privilege contexts. - [Command Execution] (HIGH): The skill directs the agent to perform operations requiring root access, such as installing packages via
apt-get, managing services withsystemctl, and writing to/etc/. - [Privilege Escalation] (HIGH): The Docker configuration specifies mounting
/var/run/docker.sock. This provides the container with full control over the host's Docker daemon, a well-known vector for escaping the container to gain host root access. - [Persistence Mechanisms] (HIGH): The command
systemctl enable datadog-agentis used to ensure the agent starts automatically upon system boot, which is a key characteristic of persistence.
Recommendations
- AI detected serious security threats
Audit Metadata