drt-analyze
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted log and event data, which creates a surface for indirect prompt injection.
- Ingestion points: Untrusted data is retrieved from Datadog in the subagent prompts within SKILL.md.
- Boundary markers: The skill lacks delimiters or explicit instructions to ignore embedded commands in the ingested data.
- Capability inventory: Subagents are authorized to autonomously execute python3 and bash scripts, which increases the impact of a successful injection.
- Sanitization: Log content is truncated for brevity but is not sanitized for malicious instructions.
- [COMMAND_EXECUTION]: The skill uses roachdev and local Python scripts for legitimate cluster health monitoring.
Audit Metadata