oncall-irm
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill serves as a documentation resource for Grafana OnCall/IRM, describing its core concepts, integrations, and API usage.
- [COMMAND_EXECUTION]: Includes curl command examples for alert submission and API management. These examples use generic placeholders (e.g., 'your-api-key') and target the vendor's official domain ('grafana.net').
- [DATA_EXFILTRATION]: Describes alert routing and outgoing webhook integrations. These are functional components of the service intended for notification delivery and incident management, not for unauthorized data removal.
- [PROMPT_INJECTION]: Documents the use of Jinja2 templates for processing alert payloads. These are used for logical decision-making within the Grafana platform and do not involve executing untrusted instructions within the local agent context.
Audit Metadata