signoz-generating-queries
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns such as prompt injection, obfuscation, or unauthorized data exfiltration were detected. All logic is consistent with the skill's stated purpose.
- [SAFE]: The skill interacts with the SigNoz MCP server using vendor-specific tools (signoz:signoz_*). All external interactions are scoped to the vendor's own services, representing normal functionality for an observability tool.
- [SAFE]: Explicit guardrails are present to prevent the generation of raw ClickHouse SQL, instead requiring the use of structured Query Builder tools. This mitigates risks related to SQL injection or direct database exploitation.
- [SAFE]: The instructions require a 'discovery-first' approach, preventing the agent from guessing metric or service names and ensuring it only acts on validated data within the environment.
- [SAFE]: While the skill processes untrusted data (logs and traces ingested via signoz:signoz_search_logs and signoz:signoz_search_traces in SKILL.md), the agent's capabilities are restricted to further analytical queries and UI-level filtering actions. No dangerous operations such as arbitrary command execution or filesystem modifications are permitted.
Audit Metadata