datadog-cli
Warn
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download and execute the @leoflores/datadog-cli package using npx at runtime. This package is maintained by an individual rather than an official or trusted organization, posing a supply chain risk.
- [COMMAND_EXECUTION]: All primary functions of the skill are implemented via shell commands, allowing for the execution of the CLI tool and the creation of local files for data export.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to the ingestion of untrusted log data from external sources.
  - Ingestion points: Untrusted data enters the context through log search, tail, and trace commands defined in references/logs-command.md.
  - Boundary markers: Absent. The instructions do not define delimiters or provide guidance to treat the log content as untrusted input.
  - Capability inventory: The agent has the ability to execute shell commands and write to the local filesystem across all reference files.
  - Sanitization: Absent. There is no evidence of validation or sanitization of external log data before processing.
Audit Metadata