Skills
skills/coralogix/cx-cli/cx-observability-setup/Gen Agent Trust Hub

cx-observability-setup

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides a large suite of commands for the cx CLI tool, which is used to manage views, webhooks, notifications, and integrations within the Coralogix platform. All commands are consistent with the documented purpose of the skill and the author's identity.
  • [DATA_EXFILTRATION]: The skill is designed to configure outgoing data paths, such as webhooks and notification connectors (Slack, PagerDuty, Email). These are legitimate administrative functions for an observability platform but represent the capability to define external data destinations.
  • [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface by processing external JSON files and rendering templates via the cx CLI tool.
  • Ingestion points: Configuration data is ingested through the --from-file flag across multiple commands in SKILL.md, including cx notifications test template-render.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard natural language instructions that might be embedded within the JSON files.
  • Capability inventory: The skill has access to shell execution (the cx CLI) and the ability to configure network-reaching webhooks and connectors.
  • Sanitization: The skill does not specify any validation or sanitization steps for the data contained within the external files before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 11:41 AM