experiment-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is authored by datadog-labs and utilizes official Datadog MCP tools and endpoints (app.datadoghq.com, mcp.datadoghq.com) for its core analysis and reporting functions.\n- [DATA_EXFILTRATION]: The skill generates links to Datadog's dashboard for visualization. These are recognized as legitimate service endpoints and are documented neutrally as intended functional behavior.\n- [COMMAND_EXECUTION]: The skill provides instructions for the user to manually add an MCP server if needed. It does not attempt to execute these commands automatically or perform any unauthorized environment modifications.\n- [SAFE]: Robust privacy guidelines are integrated, requiring the agent to redact PII from all analysis results to protect sensitive data.\n- [SAFE]: The skill implements a confirmation step for file-based output, ensuring the user verifies the storage path and filename before any report is written to disk.\n- [SAFE]: The skill's ingestion of external experiment data constitutes an indirect prompt injection surface. However, the risk is negligible given the skill's analytical focus and mandatory PII redaction.\n
- Ingestion points:
SKILL.md(via experiment event tools)\n - Boundary markers: Absent\n
- Capability inventory: Local file writing, Datadog notebook creation via MCP\n
- Sanitization: PII redaction is mandatory; structural content sanitization is not explicitly defined.
Audit Metadata