signoz-explaining-alerts
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFENO_CODECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is an administrative utility for observability workflows, authored by a known vendor (SigNoz). It operates within the intended scope of interpreting monitoring rules.
- [COMMAND_EXECUTION]: The skill provides instructions for using vendor-specific MCP tools, including
signoz:signoz_get_alert,signoz:signoz_list_alert_rules, andsignoz:signoz_get_alert_history. These are used for data retrieval only. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it processes user-controllable alert metadata (names, descriptions, and annotations). \n
- Ingestion points: Alert configuration JSON data fetched from
signoz:signoz_get_alert. \n - Boundary markers: Absent; there are no delimiters defined to isolate external alert data from the agent's instructions. \n
- Capability inventory: The agent has access to write operations (e.g.,
signoz_update_alert) and exploratory tools (e.g.,signoz-investigating-alerts) as mentioned in the workflow next steps. \n - Sanitization: Absent; the skill does not instruct the agent to escape or validate the contents of the fetched alert rule before interpretation.
- [NO_CODE]: The skill consists entirely of instructional markdown and does not include any accompanying scripts, binaries, or executable logic.
Audit Metadata