datadog-cli
Warn
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill uses
npxto download and execute the@leoflores/datadog-clipackage from the NPM registry at runtime. This package is an unverified third-party dependency provided by a non-trusted source.- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of external code from the NPM registry vianpxand references an external GitHub repositoryleonardocouy/datadog-clifor the CLI tool's documentation and source.- [COMMAND_EXECUTION]: The skill's core functionality relies on executing shell commands, includingnpxto run the Datadog CLI andjqto parse and manipulate JSON data stored in temporary files (e.g.,/tmp/dashboard.json).- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes external, untrusted data from Datadog logs and dashboard configurations. Ingestion points: Untrusted data is retrieved from Datadog vialogs search,logs tail, anddashboards getcommands. Boundary markers: There are no explicit instructions or delimiters provided to the agent to distinguish between its own instructions and instructions potentially embedded in the retrieved Datadog data. Capability inventory: The agent has the capability to execute shell commands (npx,jq,cat) and write files to the local system. Sanitization: There is no evidence of sanitization or validation of the content fetched from Datadog before it is processed by the agent.
Audit Metadata