prometheus-configuration
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches deployment assets from the well-known Prometheus Community Helm repository.
- [COMMAND_EXECUTION]: Provides instructions for using standard administrative tools such as helm, promtool, and curl to manage the monitoring stack.
- [DATA_EXFILTRATION]: References standard file paths for TLS certificates and private keys (e.g., /etc/prometheus/client.key) in configuration examples.
- [PROMPT_INJECTION]: The skill uses Kubernetes service discovery to ingest metadata from pod annotations, creating a surface for indirect prompt injection. (1) Ingestion point: pod and service annotations via kubernetes_sd_configs; (2) Boundary markers: absent in the relabeling configuration; (3) Capability inventory: configuration validation and network metric scraping; (4) Sanitization: uses standard Prometheus relabeling regex patterns.
Audit Metadata