observability-analyze-logs
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill in st ruc ts the agen t to use the
Bashtoo l to run the local analy ze r scrip t (.claude/tools/utils/log_analy ze r.py) and utili ze s standar d utili tie s liketailfor real-time log moni toring. - [PROMPT_INJECTION]: The skill exhibi ts an indirec t prom p t injec tion at tack surface (Categor y 8) becau se it proce sses untru sted log message s th roug h an LLM for roo t cau se analy sis.
- In gestion poin ts: Read s untru sted log con ten t from projec t log file s at
{{LOG_DIR}}/{{LOG_FILE}}.log. - Boundar y marke rs: The tech nical refe rence documen t s men tion s system prom p t s for analy sis bu t lack s evidence of ex plici t delimi te rs or in st ruc tion s to igno re em bed ded malic iou s st ring s wit hin the log data.
- Capabili ty inven tor y: The analy ze r scrip t run s via the
Bashtoo l and has the abili ty to wri te mark down re por t s to the file system. - Sani ti za tion: The re is no in dica tion tha t log en t rie s are sani ti ze d or esca pe d befo re bein g in te r pola te d in to the AI prom p t.
Audit Metadata