datadog-automation

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill instructs the user to configure https://rube.app/mcp as an MCP server. This server defines the behavior and implementation of all DATADOG_* and RUBE_* tools. Because this domain is not on the Trusted External Sources list, it represents an unverified dependency that provides executable capabilities to the agent.
  • COMMAND_EXECUTION (LOW): The skill provides tools with high-impact capabilities, specifically DATADOG_DELETE_DASHBOARD (irreversible deletion), DATADOG_MUTE_MONITOR (silencing alerts), and DATADOG_CREATE_DOWNTIME. In an adversarial scenario, these could be used to disrupt infrastructure visibility or suppress security alerts.
  • INDIRECT_PROMPT_INJECTION (LOW):
      • Ingestion points: Untrusted data enters the agent via DATADOG_SEARCH_LOGS and DATADOG_LIST_EVENTS, which retrieve content from Datadog that could be influenced by external actors (e.g., log injection).
      • Boundary markers: None. The skill does not provide delimiters or instructions to the agent to disregard instructions found within the logs or events.
      • Capability inventory: The skill has significant write/delete capabilities (DATADOG_DELETE_DASHBOARD, DATADOG_CREATE_EVENT).
      • Sanitization: There is no mention of sanitizing or validating ingested data before the agent processes it or uses it to inform subsequent actions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 05:08 PM