skills/jeremylongshore/claude-code-plugins-plus-skills/deploying-monitoring-stacks/Gen Agent Trust Hub
deploying-monitoring-stacks
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes deployment scripts (scripts/deploy_prometheus.sh, scripts/deploy_grafana.sh, and scripts/deploy_datadog_agent.sh) that are Python scripts with a .sh extension. These scripts automate file system operations, including directory creation and recursive file copying.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection within its deployment workflow.
- Ingestion points: Command-line arguments (source and target) for the deployment scripts accept arbitrary file paths, which could be influenced by untrusted inputs.
- Boundary markers: The scripts do not implement path restrictions or boundary markers to ensure file operations remain within designated safe directories.
- Capability inventory: The skill has significant capabilities, including shutil.copy2 for file manipulation and access to Bash tools for docker and kubectl, which could lead to unauthorized system modification if exploited.
- Sanitization: Path validation is limited to existence checks and does not include sanitization against directory traversal or access to sensitive system locations.
Audit Metadata