debug-with-grafana
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the
gcxcommand-line interface for all data retrieval operations. It also usespython3 -cas a helper to parse JSON output from the CLI when extracting specific fields like datasource UIDs. - [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks (Category 8) because it ingests untrusted data from external observability sources (Loki logs and Tempo traces).
- Ingestion points: Untrusted data enters the agent's context through
gcx logs query(Step 5) andgcx traces query(Step 5b). - Boundary markers: The skill does not explicitly instruct the agent to use delimiters or ignore embedded instructions within the logs or traces, though it provides a structured summary format in Step 7.
- Capability inventory: The skill has the capability to execute shell commands via
gcxand perform filesystem writes viagcx dashboards snapshot(Step 6). - Sanitization: No explicit sanitization or filtering of the log/trace content is performed before the agent processes it for the final summary.
Audit Metadata