skills/jeremylongshore/claude-code-plugins-plus-skills/collecting-infrastructure-metrics/Gen Agent Trust Hub
collecting-infrastructure-metrics
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes privileged shell access via
Bash(system:*),Bash(metrics:*), andBash(monitoring:*)to install and configure monitoring agents like Prometheus and Datadog.\n- [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8):\n - Ingestion points: Metric data and metadata are ingested from infrastructure layers (compute, storage, network, databases) as defined in SKILL.md.\n
- Boundary markers: No delimiters or safety instructions are used to distinguish between system instructions and data from monitored targets.\n
- Capability inventory: The skill can perform file system operations (Read, Write, Edit) and execute bash commands.\n
- Sanitization: There is no evidence of sanitization for ingested metrics before they are processed in scripts or configuration files.
Audit Metadata