log-analytics

Fail

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill provides a hardcoded default password 'My_password_123!@#' for OpenSearch in the environment variable reference section of 'log-analytics.md'.
  • [COMMAND_EXECUTION]: The file 'log-analytics.md' instructs the agent to run a Python script 'scripts/opensearch_ops.py', which is missing from the skill package.
  • [EXTERNAL_DOWNLOADS]: The skill uses 'uvx' to install and run external MCP servers including 'duckduckgo-mcp-server' and 'opensearch-mcp-server-py'.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external log content from OpenSearch clusters.
      • Ingestion points: Data is ingested through 'SearchIndexTool', 'GenericOpenSearchApiTool', and 'curl' commands in 'log-analytics.md'.
      • Boundary markers: There are no markers or instructions provided to the agent to treat log data as untrusted content.
      • Capability inventory: The agent can perform network requests and shell command execution as specified in the workflow.
      • Sanitization: No sanitization or validation logic is defined for the log data being analyzed.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: May 8, 2026, 07:46 AM