datasource-provisioning

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches plugin metadata, configuration schemas, and examples from Grafana's official domains (grafana.com and grafana.net). These are trusted vendor resources used to ensure accurate configuration generation.
  • [DATA_EXFILTRATION]: The skill follows security best practices by instructing users to use environment variable placeholders (${ENV_VAR}) or sensitive Terraform variables for credentials, preventing the exposure of secrets in configuration files or chat history.
  • [COMMAND_EXECUTION]: Provides standard command-line examples using curl and jq to interact with Grafana APIs. These commands are transparent and target official endpoints.
  • [PROMPT_INJECTION]: The skill does not contain instructions that attempt to override agent safety guidelines or extract system prompts.
  • [DATA_EXPOSURE]: Includes explicit warnings against asking users to provide sensitive authentication tokens directly in the chat, relying instead on secure local execution or managed MCP servers.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 02:53 PM
Security Audit — agent-trust-hub — datasource-provisioning