Skills
skills/victoriametrics/skills/victoriatraces-query/Gen Agent Trust Hub

victoriatraces-query

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill connects to the VictoriaTraces API at the user-defined $VM_TRACES_URL to retrieve information about services, operations, and traces.
  • [COMMAND_EXECUTION]: It utilizes curl to perform network requests, jq to process JSON telemetry data, and the date command to generate appropriate timestamps for queries.
  • [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by processing external trace data from an API.
  • Ingestion points: Data enters the context via JSON responses from the /api/services, /api/traces, and /api/dependencies endpoints (SKILL.md).
  • Boundary markers: The skill does not explicitly define delimiters to separate telemetry data from instructions.
  • Capability inventory: Capabilities include network requests via curl and data manipulation via jq (SKILL.md).
  • Sanitization: The skill relies on jq for structured data parsing but does not implement content sanitization for string values within the trace data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 07:24 AM