dt-js-runtime
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely informational, providing high-quality documentation for the Dynatrace platform. It explicitly documents security restrictions of the runtime environment, including the disabling of `eval()` and `new Function()`, the lack of direct filesystem access, and the use of an outbound network allowlist. All code examples use placeholders (e.g., `CREDENTIALS_VAULT-...`) and generic domains (e.g., `api.example.com`), posing no risk of data exposure.
- [PROMPT_INJECTION]: The documented execution model identifies an attack surface for indirect prompt injection where untrusted data enters the runtime context.
  - Ingestion points: Untrusted data enters the function through the `event.payload` parameter, as described in `SKILL.md`.
  - Boundary markers: No specific boundary markers or instructions to ignore embedded commands are demonstrated in the provided code snippets.
  - Capability inventory: The runtime environment has extensive capabilities via the `@dynatrace-sdk/*` ecosystem, including the ability to execute DQL queries against Grail (`client-query`), run workflows (`client-automation`), and retrieve secrets from the environment's vault (`client-classic-environment-v2`).
  - Sanitization: The documentation advises developers to "narrow [errors] with type guards" in `references/sdk.md`, but does not provide explicit patterns for sanitizing input used in downstream DQL queries or workflow parameters. As this is documentation for a development platform, this is considered a risk for the implementer rather than a malicious finding in the skill itself.
Audit Metadata