logcli
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the grafana/logcli Docker image to perform Loki log queries and metadata operations. This is the core functionality and is implemented using standard containerization practices.
- [EXTERNAL_DOWNLOADS]: The skill requires the grafana/logcli:latest image from Docker Hub, which is an official image from a well-known technology provider.
- [SAFE]: Configuration and credentials (such as Loki URLs) are managed through environment variables and a .env file. The skill correctly identifies that sensitive information should not be hardcoded or committed to version control.
- [PROMPT_INJECTION]: The skill acts as an interface for querying logs, which are considered untrusted external data. Ingestion points: scripts/logcli.sh query outputs logs to stdout. Boundary markers: Status information is provided in JSON format on stderr, but log lines on stdout are unformatted. Capability inventory: Operations are limited to querying via docker run. Sanitization: No sanitization is performed on the log content retrieved from Loki.
Audit Metadata