appsignal
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Susceptible to Indirect Prompt Injection. The skill fetches external data from AppSignal error incidents and samples which can contain attacker-controlled content in error messages or backtraces.
  * Ingestion points: `appsignal-cli incidents list`, `appsignal-cli incidents get`, and `appsignal-cli samples get` (SKILL.md).
  * Boundary markers: None present to distinguish external data from agent instructions.
  * Capability inventory: `Bash(appsignal-cli *)` allowing shell-based interaction.
  * Sanitization: No sanitization or filtering of retrieved error data before it is presented to the agent context.
- COMMAND_EXECUTION (LOW): The skill utilizes the `appsignal-cli` command-line tool via Bash. While necessary for its purpose, it provides a vector for command-based interaction with the host system.
Audit Metadata