datadog

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves observability data (such as log messages, monitor statuses, and incident descriptions) from Datadog and presents it to the agent. This external content could contain malicious instructions designed to manipulate the agent's behavior.
  • Ingestion points: Data is fetched from various Datadog API v1 and v2 endpoints within scripts/datadog.ts (e.g., /api/v2/logs/events/search, /api/v2/incidents).
  • Boundary markers: The script does not utilize boundary markers or provide specific instructions to the agent to treat the retrieved Datadog data as untrusted or to ignore any embedded commands.
  • Capability inventory: The skill performs network requests via the fetch API and outputs data directly to the console.
  • Sanitization: The retrieved JSON data is stringified and printed to the console without any sanitization, filtering, or escaping of potentially malicious content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 10:50 AM
Security Audit — agent-trust-hub — datadog