netra-mcp-usage
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents a legitimate observability workflow for Netra MCP tools (
netra_query_traces,netra_get_trace_by_id). It specifies schema-correct inputs, filters, and pagination patterns to assist in incident triage and debugging. - [DATA_EXPOSURE_AND_EXFILTRATION]: No evidence of hardcoded credentials, sensitive file access (like SSH or AWS keys), or network exfiltration patterns. The tools interact with telemetry data (
latency_ms,total_cost, etc.) which is consistent with the skill's stated purpose for trace debugging. - [INDIRECT_PROMPT_INJECTION]: The skill documents an interface for reading external trace data which constitutes a potential ingestion surface, though it does not contain malicious instructions itself.
- Ingestion points: External trace data is ingested via
netra_query_tracesandnetra_get_trace_by_id(documented in SKILL.md). - Boundary markers: No explicit instructions for delimiters or ignoring embedded instructions are present in the workflow.
- Capability inventory: The skill facilitates read-only access to traces; it does not contain subprocess calls, file-write operations, or general network capabilities.
- Sanitization: The skill instructions do not mention sanitization of the trace data before it is presented to the agent.
Audit Metadata