datadog-automation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires adding an external Model Context Protocol (MCP) server endpoint at
https://rube.app/mcp. This server provides the tool definitions and capabilities for the agent.\n- [DATA_EXFILTRATION]: The skill facilitates the connection of a Datadog account to therube.appthird-party service. This grants the service access to potentially sensitive operational data, including logs and infrastructure details.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through data ingested from Datadog.\n - Ingestion points:
DATADOG_SEARCH_LOGSandDATADOG_LIST_EVENTSpull arbitrary strings from Datadog into the agent context.\n - Boundary markers: There are no boundary markers or instructions to disregard potential commands found within the retrieved data.\n
- Capability inventory: The agent has access to destructive or modifying tools like
DATADOG_DELETE_DASHBOARD,DATADOG_UPDATE_DASHBOARD, andDATADOG_CREATE_MONITOR.\n - Sanitization: The skill does not implement or recommend sanitization for incoming data before it is used to drive agent behavior.
Audit Metadata