datadog
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The setup process for macOS downloads the 'jq' utility from the official jqlang GitHub repository, which is a trusted source.
- [COMMAND_EXECUTION]: The skill executes various scripts ('query-apm.sh', 'trigger-workflow.sh', etc.) to interact with Datadog services and manage workflows.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. It ingests untrusted data from Datadog logs and APM traces (ingestion points: 'search-logs.sh', 'query-apm.sh'). It lacks explicit boundary markers or documented sanitization for this external content. The capability inventory includes the ability to trigger workflows and manage incidents ('trigger-workflow.sh', 'manage-incidents.sh'), which could be targeted by instructions embedded in the ingested data.
- [SAFE]: No malicious patterns such as obfuscation, hardcoded credentials, or exfiltration to unknown domains were found. The skill follows established practices for CLI-based integrations.
Audit Metadata