log_correlation
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Step 7 of the skill instructions provides a code snippet for a diagnostic endpoint that constructs a LogQL query using f-string interpolation with the 'session_id' path parameter. This creates a LogQL injection surface that could allow an attacker to craft input to retrieve unauthorized logs or bypass processing logic.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data which is used to influence the behavior of backend data retrieval tools.
- Ingestion points: The 'session_id' parameter in the '/api/v1/sessions/{session_id}/timeline' FastAPI route.
- Boundary markers: None are present in the LogQL query construction.
- Capability inventory: The skill uses the 'httpx' library for inter-service communication and performs log queries via a 'query_loki' function.
- Sanitization: The example implementation lacks input validation, regex checks, or escaping mechanisms for the 'session_id' variable before it is interpolated into the query string.
Audit Metadata