elasticsearch-onboarding
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a developer guidance tool that uses official Elastic resources and well-known technology stacks.
- [DATA_EXPOSURE_AND_EXFILTRATION]: No hardcoded credentials or sensitive file exfiltration patterns were found. Python snippets use safe placeholders (e.g., '...') for API keys and Cloud IDs. The skill explicitly instructs the user to add configuration files containing credentials to .gitignore to prevent accidental exposure.
- [EXTERNAL_DOWNLOADS]: The skill references official and well-known packages from trusted sources, including Elastic, OpenAI, and LangChain. Docker images are sourced from the official Elastic registry (docker.elastic.co).
- [PROMPT_INJECTION]: Instructions focus on guiding the user through a structured conversation playbook. No attempts to bypass safety filters or extract system prompts were detected.
- [OBFUSCATION]: All content is in plain text. No Base64, zero-width characters, homoglyphs, or other obfuscation techniques were identified.
Audit Metadata