Skills
skills/trogonstack/agentskills/datadog-design-dashboard/Gen Agent Trust Hub

datadog-design-dashboard

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection by processing external data from Datadog dashboards. Ingestion points: Dashboard configurations are fetched using the pup dashboards get and pup dashboards list commands in SKILL.md. Boundary markers: There are no specific delimiters or instructions to the agent to ignore potentially malicious commands embedded within dashboard metadata. Capability inventory: The agent has access to Shell, Write, and Read tools. Sanitization: No sanitization or validation of the retrieved dashboard data is performed.
  • [COMMAND_EXECUTION]: The skill utilizes the Shell tool to execute pup CLI commands for listing and fetching dashboard information.
  • [EXTERNAL_DOWNLOADS]: The skill relies on a non-standard CLI tool named pup to interact with Datadog. While no installation step is shown, this tool is an unverifiable external dependency as it is not the official Datadog CLI.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 2, 2026, 05:43 PM