building-dashboards
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a suite of bash scripts (e.g.,
dashboard-create,dashboard-list,dashboard-update) that usecurl,jq, andsedto interact with the Axiom API and manage local dashboard configurations. - [DATA_EXPOSURE]: Scripts are designed to read Axiom API tokens and organization IDs from the user's
~/.axiom.tomlfile. This is the documented and intended configuration mechanism for the tool to authenticate with the author's (Axiom) infrastructure. - [INDIRECT_PROMPT_INJECTION]: The skill includes an attack surface where it ingests and processes user-provided dashboard JSON files and templates containing APL/MPL queries. It includes a
dashboard-validatescript to ensure structural integrity before deployment, which serves as a basic safeguard.
Audit Metadata