signoz-investigating-alerts
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill accesses sensitive telemetry data including logs, traces, and system metrics through the SigNoz MCP server. This behavior is consistent with its primary purpose of incident investigation. All data access is performed via authenticated vendor-specific tools, and there is no evidence of data being transmitted to external or unauthorized domains.
- [COMMAND_EXECUTION]: The skill instructions specify a multi-tiered workflow using predefined SigNoz tools for querying data. It explicitly forbids modifying alert configurations during the investigation process. No arbitrary shell command execution or unsafe subprocess patterns were detected.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from alert names and the content of logs/traces. Although it lacks explicit boundary markers or sanitization logic, the risk is mitigated by the structured nature of the workflow which uses these inputs primarily as search filters and data points for comparison rather than as direct instructions to the agent.
Audit Metadata