kibana-anomaly-detection
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Authored by 'elastic', a trusted organization, and interacts exclusively with Elastic Stack components and indices.
- [SAFE]: All network activity is directed toward the user-provided Kibana URL for legitimate registration and job management operations.
- [SAFE]: The management script 'scripts/kibana-agent-builder.mjs' handles authentication via environment variables or CLI flags and uses official Kibana APIs.
- [SAFE]: Data access is scoped to internal machine learning indices (.ml-anomalies-*, .ml-config, etc.) and source logs, which is required for its primary function.
- [SAFE]: Workflow documentation includes explicit security guidance on avoiding query injection when using diagnostic tools like 'ad_wf_ts_field_cardinality'.
Audit Metadata