skills/keboola/ai-kit/debug-component/Gen Agent Trust Hub

debug-component

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Flagged categories: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it processes untrusted data from external sources.
      • Ingestion points: Job details (mcp__keboola__get_job), component configurations (mcp__keboola__get_config), and external logs (Datadog API).
      • Boundary markers: No explicit markers are defined to help the agent distinguish between its own instructions and untrusted data from logs.
      • Capability inventory: The agent can execute shell commands via the Bash tool, including running local code.
      • Sanitization: No sanitization is performed on the ingested log or telemetry data.
  • [COMMAND_EXECUTION]: The agent uses the Bash tool to run local code (uv run) and execute tests (pytest). This is necessary for the skill's primary function.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations to the Datadog API and uses uv sync to manage dependencies. These interactions target well-known and trusted services.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 10:34 AM