signoz-creating-alerts
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks because it translates natural-language user intent directly into system-level alert configurations and queries.
- Ingestion points: Untrusted data enters the context through the
$ARGUMENTSparameter and recent user conversational turns used to define the alert intent (Step 1). - Boundary markers: Absent. The skill does not define specific delimiters or instructions to isolate the user-provided intent from the internal logic of the alert configuration.
- Capability inventory: The skill utilizes write-capable tools, including
signoz:signoz_create_alertandsignoz:signoz_create_notification_channel, which can modify the monitoring environment and notification routing. - Sanitization: The skill relies on the SigNoz MCP server's JSON schema validation rather than pre-processing or sanitizing the input to prevent the generation of malicious queries or configurations.
Audit Metadata