agent-observability-session-classify
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes the 'pup' CLI tool via bash to perform lookups for traces, RUM events, and audit logs.
- [DATA_EXFILTRATION]: Ingests sensitive Datadog observability data, including user handles, session IDs, and audit records, for the purpose of classification and analysis.
- [PROMPT_INJECTION]: Potential for indirect prompt injection as the skill processes external conversation logs retrieved from Datadog traces.
- Ingestion points: SKILL.md (Content Retrieval Cascade).
- Boundary markers: Absent. The skill interpolates retrieved trace content directly into the classification workflow without specific delimiters.
- Capability inventory: Shell command execution (pup) and Python processing.
- Sanitization: No explicit sanitization or escaping of the retrieved conversation text is implemented.
Audit Metadata