vector
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill includes a shell-piped installation command
curl --proto '=https' --tlsv1.2 -sSfL https://sh.vector.dev | bash. While typically high-risk, this is the official installation method for Vector (a well-known observability tool owned by Datadog) and is documented neutrally as a standard installation procedure. - [COMMAND_EXECUTION]: Provides standard CLI commands for managing the Vector service, such as
vector validateandvector --config, which are necessary for the tool's primary purpose. - [SAFE]: Configuration examples correctly demonstrate security best practices, such as using environment variables (
${ES_USER},${ES_PASSWORD},${SLACK_WEBHOOK_URL}) for credentials rather than hardcoding them, and implementing data redaction for sensitive fields like email addresses using VRL.
Audit Metadata