skills/cosmix/loom/grafana/Gen Agent Trust Hub

grafana

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No malicious injection patterns or attempts to override system safety guidelines were detected. The skill uses standard instructional markers to define its scope.
  • [CREDENTIALS_UNSAFE]: The skill uses safe, descriptive placeholders (e.g., 'YOUR_WEBHOOK_URL', 'YOUR_INTEGRATION_KEY') for sensitive configuration fields. No hardcoded secrets or credentials are present.
  • [DATA_EXFILTRATION]: No evidence of unauthorized data access or exfiltration. The network references are limited to standard documentation links and configuration examples for well-known services.
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns, such as piped shell commands or untrusted script downloads, were found.
  • [COMMAND_EXECUTION]: While the skill permits the use of 'Bash', the provided content focuses on configuration management and documentation rather than executing dangerous or privileged commands.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface for processing Grafana configurations and dashboards. While this could theoretically be used for indirect injection, the provided templates and instructions follow best practices, and the inherent risk is low.
      ◦ Ingestion points: Dashboard JSON, provisioning YAML files, and LogQL/TraceQL queries.
      ◦ Boundary markers: None explicitly defined in the prompt templates.
      ◦ Capability inventory: Edit, Write, and Bash tools are available for configuration tasks.
      ◦ Sanitization: Standard formatting for JSON and YAML is demonstrated, though no explicit sanitization logic is provided in the skill instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 11:02 PM