query-spans
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates the use of the
cxCLI tool, which is an official tool from the vendor (Coralogix). All operations described, such as querying traces and discovering fields, are within the expected functional scope of a telemetry analysis skill. - [SAFE]: The instructions explicitly guide the agent to use proper escaping for special characters (e.g.,
\$d.traceID) when executing shell commands. This is a positive security practice that helps prevent accidental variable expansion or command injection during interaction with the system shell. - [SAFE]: No remote code execution patterns, unauthorized network operations, or hardcoded credentials were found in the provided files.
- [DATA_INGESTION]: The skill is designed to ingest and display external telemetry data (spans). While this represents a surface for indirect prompt injection common to all data-viewing tools, the skill provides structured workflows and specific CLI commands that limit the risk of the agent misinterpreting data as instructions.
Audit Metadata