grafana-platform-dashboard

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/grafanadashboard_roundtrip.sh uses oc commands to read and write GrafanaDashboard resources on the cluster based on local files.
  • [COMMAND_EXECUTION]: The script scripts/promql_scan_thanos.sh executes oc exec to run commands inside a Thanos pod, facilitating remote query validation.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface (Category 8):
      • Ingestion points: The skill reads Grafana dashboard JSON content from local files (/tmp/ workspace) and cluster resources (GrafanaDashboard CRs).
      • Boundary markers: No delimiters or safety instructions are provided to the agent when processing these inputs.
      • Capability inventory: The skill allows writing to the cluster (oc apply) and executing commands in pods (oc exec).
      • Sanitization: Input is URL-encoded for queries via jq, but there is no structural validation or filtering of the dashboard logic or embedded PromQL before cluster interaction.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 7, 2026, 12:23 PM