Security Audit
datadog-automation
github.com/sickn33/antigravity-awesome-skills
Trust Assessment
datadog-automation received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. The key findings are "Skill enables broad administrative actions in Datadog" and "Unverified third-party MCP dependency".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Skill enables broad administrative actions in Datadog.** The skill exposes a wide range of Datadog API tools, including those for creating, updating, and deleting monitors and dashboards, as well as creating events and scheduling downtimes. If an LLM is granted access to these tools without strict guardrails, it could be prompted to perform destructive actions (e.g., `DATADOG_DELETE_DASHBOARD`), disrupt monitoring (`DATADOG_MUTE_MONITOR`, `DATADOG_CREATE_DOWNTIME`), or inject misleading information (`DATADOG_CREATE_EVENT`). Recommendation: implement fine-grained access control for the LLM, allowing it to only use necessary Datadog tools. For example, restrict access to `_DELETE_` or `_CREATE_` operations unless explicitly required and approved. Ensure human-in-the-loop for sensitive operations. | LLM | SKILL.md:108 |
| MEDIUM | **Unverified third-party MCP dependency.** The skill relies on an external Managed Control Plane (MCP) server at `https://rube.app/mcp`. The skill states 'No API keys needed — just add the endpoint and it works,' implying a direct connection and trust in this third-party service to provide tools. Without explicit version pinning, security audits, or a clear trust model for `rube.app`, this introduces a supply chain risk. A compromise of `rube.app` could lead to malicious tools being served to the LLM. Recommendation: evaluate the security posture of `rube.app`. If possible, use a self-hosted or vetted MCP. Implement mechanisms to verify the integrity and authenticity of tools served by the MCP. Consider pinning to specific versions or hashes of the MCP's tool definitions if supported. | LLM | SKILL.md:19 |