Skills
skills/pengelbrecht/skills/metricly-consume/Gen Agent Trust Hub

metricly-consume

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill contains no executable code or scripts. It is composed entirely of instructions for an AI agent on how to use external tools responsibly.
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection. It instructs the agent to treat descriptions fetched from the Metricly MCP server as authoritative commands for how to process data. This creates a dependency on the integrity of the external data source.
  • Ingestion points: Metric and dimension metadata retrieved via list_metrics and list_dimensions in SKILL.md.
  • Boundary markers: Absent. The instructions explicitly state that the external descriptions are the source of truth and should be followed without deviation.
  • Capability inventory: The agent is authorized to execute query_metrics to retrieve data based on these descriptions.
  • Sanitization: No sanitization or validation of the description content is mentioned.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 01:49 PM