datadog
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a standard and legitimate interface for querying Datadog observability data through its public API, fulfilling its stated purpose.
- [CREDENTIALS_SAFE]: Authentication is correctly handled via environment variables (
DD_API_KEY,DD_APP_KEY). The documentation directs users on how to obtain and set these keys without including any hardcoded secrets. - [DATA_EXFILTRATION]: Network communication is targeted at Datadog's official domains. The site region is configurable via
DD_SITE(e.g.,datadoghq.com,datadoghq.eu), which is standard practice for Datadog integrations and does not constitute a data exfiltration risk in this context. - [COMMAND_EXECUTION]: The script processes command-line arguments to parameterize API requests. It does not utilize dangerous functions like
eval()orexec()to process user input, and no shell injection vulnerabilities were found. - [REMOTE_CODE_EXECUTION]: No patterns for downloading or executing remote code were detected. Dependencies are standard and managed through manifest files.
Audit Metadata