llm-obs-eval-pipeline

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs shell command execution using the pup CLI tool to fetch and manipulate observability data.
  • [EXTERNAL_DOWNLOADS]: The skill references and fetches configurations from the official Datadog MCP server at https://mcp.datadoghq.com/.
  • [DATA_EXFILTRATION]: The skill reads and processes production ML application traces and RUM events, which is the primary intended functionality for the Datadog LLM Observability suite.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes production trace data which may contain adversarial content.
      • Ingestion points: Untrusted data enters the context via pup llm-obs spans search and get_llmobs_trace in SKILL.md.
      • Boundary markers: No explicit delimiters or instructions are used to distinguish trace content from agent instructions.
      • Capability inventory: The skill utilizes shell execution (pup) and file system writes to /tmp/ across its workflow.
      • Sanitization: No validation or sanitization of the content within processed traces is performed before interpretation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 06:53 AM