sysdig-runtime-investigate

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill enriches incident data by querying trusted security services, including VirusTotal for file reputation and ipinfo.io or ip-api.com for IP geolocation.
  • [COMMAND_EXECUTION]: Utilizes the curl utility to communicate with the PagerDuty Events API and the VirusTotal API during the triage and handoff phases.
  • [DATA_EXFILTRATION]: Provides automated integration to send detailed investigation reports to external case management and on-call platforms (Jira, PagerDuty) as part of the intended workflow and only with user consent.
  • [EXTERNAL_DOWNLOADS]: The generated HTML report template references the marked and mermaid libraries from the JSDelivr CDN to enable browser-side rendering of markdown content and attack flow diagrams.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 10:54 PM