observability-monitoring-slo-implement

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE | PROMPT_INJECTION | DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains logic for processing external telemetry data to drive engineering decisions and generate reports, creating a surface for indirect prompt injection.
    • Ingestion points: The SLOReporter, SLOAutomation, and SLODecisionFramework classes in sub-skills/implementation-playbook.md ingest data from external metrics clients (e.g., Prometheus).
    • Boundary markers: The prompt templates and HTML report templates lack explicit boundary markers or instructions to ignore embedded commands within the processed metric data.
    • Capability inventory: The skill can generate executable Python code, Prometheus recording rules, Grafana configurations, and automated release decisions based on the ingested data.
    • Sanitization: There is no evidence of sanitization or validation of external metric strings (such as service names or error messages) before they are interpolated into the HTML report or used to generate decision rationales.
  • [DATA_EXFILTRATION]: The SLOReporter class in sub-skills/implementation-playbook.md generates HTML reports by directly interpolating values from external metric sources. This presents a risk of data exposure if sensitive telemetry is included, or potentially a Cross-Site Scripting (XSS) vector if an attacker can influence the metric strings processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 8, 2026, 02:10 PM