dd-audit-cost-spike-investigation
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes curl, jq, and pup commands to retrieve and process Datadog usage statistics and audit logs. All commands are relevant to the primary function.
- [DATA_EXFILTRATION]: Outbound network requests are directed to official Datadog API domains (datadoghq.com). No data is sent to unauthorized third-party services.
- [PROMPT_INJECTION]: The skill ingests untrusted data from Datadog Audit Trail logs which could facilitate indirect prompt injection. Ingestion point: pup audit-logs output. Boundary markers: Absent. Capability inventory: curl, pup, jq. Sanitization: Absent.
- [SAFE]: The skill uses environment variable placeholders for API and application keys, adhering to secure credential management practices.
Audit Metadata