dd-logs
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'pup' utility from the official 'github.com/datadog-labs/pup' repository. This is a vendor-owned resource necessary for the skill's primary functionality.
- [COMMAND_EXECUTION]: Executes various shell commands including 'go install', 'pup', and 'jq' to perform log searches and manage configurations. These commands are standard for the tool's log-management tasks.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it ingests and processes untrusted log data.
- Ingestion points: External log data is retrieved into the agent's context through the 'pup logs search' command.
- Boundary markers: The instructions do not define delimiters or specific markers to isolate the log data from agent instructions.
- Capability inventory: The skill has the ability to modify log processing pipelines, manage archives, and create log-based metrics via the 'pup' CLI.
- Sanitization: No sanitization or validation logic is present to identify or filter out potential malicious instructions embedded within the processed logs.
Audit Metadata