kibana-agent-builder
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes Node.js scripts (scripts/agent-builder.js) to manage resources within the Kibana environment. These commands are executed via the Bash tool and are central to the skill's intended administrative functionality.
- [EXTERNAL_DOWNLOADS]: The skill performs network requests to a user-configured Kibana instance via the REST API. This includes operations to fetch agent and tool definitions and perform write actions (POST, PUT, DELETE) on the Kibana platform.
- [SAFE]: Authentication is managed securely through environment variables such as KIBANA_API_KEY and KIBANA_PASSWORD. This approach avoids hardcoding sensitive credentials within the skill's source code.
- [SAFE]: The skill includes an optional configuration variable (KIBANA_INSECURE) to disable TLS certificate verification. While this reduces transport layer security, it is documented as a feature for interacting with local or development-oriented Kibana instances.
- [PROMPT_INJECTION]: The skill processes and displays metadata (like tool descriptions and agent names) retrieved from the Kibana API, which constitutes a surface for indirect prompt injection if the source data is compromised.
- Ingestion points: Agent and tool metadata fetched in agent-builder.js from Kibana REST endpoints.
- Boundary markers: None identified; external data is integrated into the output and logic without explicit delimiters or isolation instructions.
- Capability inventory: The skill can modify Kibana configurations (API write operations) and execute local shell commands via Node.js.
- Sanitization: Standard URI component encoding is used for resource identifiers in URLs, and request bodies are correctly stringified as JSON.
Audit Metadata