Skills
skills/ionfury/homelab/monitoring-authoring/Gen Agent Trust Hub

monitoring-authoring

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use CLI tools including kubectl exec, task, and kubesearch to validate configurations and verify that monitoring targets are correctly discovered by the Prometheus API.
  • [EXTERNAL_DOWNLOADS]: The instruction set references external JSON schema files from Datree and Flanksource for YAML validation. These are used to ensure the structural integrity of the generated monitoring resources.
  • [DATA_EXFILTRATION]: The skill describes the configuration of Alertmanager receivers for Discord and healthchecks.io. This is documented as the intended destination for system alerts and heartbeats, rather than an unauthorized data transfer mechanism.
  • [PROMPT_INJECTION]: The skill involves processing external data (Helm chart values and existing Kubernetes manifests) to generate or update monitoring resources. This creates an indirect prompt injection surface where malicious instructions could be embedded in the processed data. The skill includes validation steps to mitigate accidental errors during this process.
  • [CREDENTIALS_UNSAFE]: The documentation references the use of ExternalSecrets and AWS SSM for managing sensitive credentials like webhooks. It provides guidance on referencing these secrets without hardcoding actual values in the repository.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 05:23 AM