experiment-analzyer-comparative
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill generates UI links pointing to the official Datadog application domain at app.datadoghq.com. These are trusted vendor-owned resources used for experiment visualization.
- [COMMAND_EXECUTION]: The skill is configured to automatically save analysis reports to local files in Phase 5 without requiring manual user approval, utilizing the agent's file system capabilities.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted inputs and outputs from LLM spans. Evidence Chain: (1) Ingestion points: The get_llmobs_span_content tool in SKILL.md reads content_info and message fields; (2) Boundary markers: No specific delimiters are defined to separate trace data from agent instructions; (3) Capability inventory: The skill has file-write permissions and the ability to execute MCP tool chains; (4) Sanitization: The instructions include a requirement to mask or redact PII in all outputs.