Skills
skills/trogonstack/agentskills/datadog-review-dashboard/Gen Agent Trust Hub

datadog-review-dashboard

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Shell tool to run the pup CLI with user-provided variables like <service-name> and <dashboard-id>. This pattern is susceptible to command injection if the agent fails to sanitize or escape input before passing it to the shell environment.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it ingests and processes external dashboard definitions which are not fully under the agent's control.
  • Ingestion points: Dashboard definitions fetched via pup dashboards get in the SKILL.md workflow.
  • Boundary markers: Absent; the skill does not specify the use of delimiters or 'ignore' instructions when handling the dashboard data.
  • Capability inventory: Shell (command execution), Read (file system access), and AskUserQuestion (interaction).
  • Sanitization: Absent; there is no mention of validating or filtering the content of the dashboard JSON/output before the agent audits it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 2, 2026, 05:42 PM