Skills
skills/coralogix/cx-cli/metrics-query/Gen Agent Trust Hub

metrics-query

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: No security issues or malicious patterns were identified in the skill instructions or the associated reference files.
  • [COMMAND_EXECUTION]: The skill utilizes the cx CLI tool for metrics discovery and querying. This behavior is consistent with the skill's stated purpose of exploring and analyzing metrics data on the Coralogix platform.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection as it retrieves metric and label names from the environment and uses them to construct PromQL query strings.
  • Ingestion points: Metric names and label keys are fetched using cx metrics search and cx metrics get-labels in SKILL.md.
  • Boundary markers: None identified in the workflow to separate retrieved data from the query expression.
  • Capability inventory: The skill uses discovered data to perform follow-up CLI calls with cx metrics query and cx metrics query-range in SKILL.md.
  • Sanitization: No specific sanitization logic is instructed for handling retrieved metadata before interpolation into command arguments.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 02:33 PM