kibana-dashboards
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The documentation describes a setup process involving downloading and executing a script from
https://elastic.co/start-local. Aselastic.cois the official domain for Elastic, the skill's author, this is treated as a trusted operation for environment setup.\n- [EXTERNAL_DOWNLOADS]: Fetches environment configuration tools directly from Elastic's official website.\n- [COMMAND_EXECUTION]: Employs a local Node.js script (scripts/kibana-dashboards.js) to interact with the Kibana API for dashboard management tasks.\n- [SAFE]: Offers an explicit option to disable TLS certificate verification via theKIBANA_INSECUREenvironment variable. This is clearly documented as a development-only feature, making it a transparent best-practice violation rather than a hidden security flaw.
Audit Metadata