observability-testing-patterns
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface by ingesting untrusted data from external observability sources such as logs, metrics, and dashboard text panels. \n- Ingestion points: The skill reads data via
esClient.search(Elasticsearch logs),prometheusClient.query(metrics), andpage.locator().textContent()(dashboard content) inSKILL.md. \n- Boundary markers: No delimiters or explicit instructions to ignore embedded commands are present in the processing logic. \n- Capability inventory: The skill utilizes sensitive capabilities including database execution (db.query), network operations (httpClient), and browser automation (page.goto). \n- Sanitization: No evidence of data sanitization or validation is present before the ingested content is processed within the agent's context.
Audit Metadata