datadog
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves observability data (such as log messages, monitor statuses, and incident descriptions) from Datadog and presents it to the agent. This external content could contain malicious instructions designed to manipulate the agent's behavior.
- Ingestion points: Data is fetched from various Datadog API v1 and v2 endpoints within
scripts/datadog.ts(e.g.,/api/v2/logs/events/search,/api/v2/incidents). - Boundary markers: The script does not utilize boundary markers or provide specific instructions to the agent to treat the retrieved Datadog data as untrusted or to ignore any embedded commands.
- Capability inventory: The skill performs network requests via the
fetchAPI and outputs data directly to the console. - Sanitization: The retrieved JSON data is stringified and printed to the console without any sanitization, filtering, or escaping of potentially malicious content.
Audit Metadata