ClawHub
Back to skill

Security audit

Agent Observability Stack: Distributed Tracing, Metrics, and Alerting for Multi-Agent Systems

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable observability guide whose telemetry and alerting examples fit its purpose, but users should sanitize data and protect real keys before copying the examples into production.

Install this as documentation, not executable software. Before using the examples in a real system, replace placeholder keys with secrets from an approved secret manager, use trusted HTTPS webhook destinations, and remove or hash customer, transaction, escrow, agent, billing, and incident details that are not required for monitoring.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The guide includes examples that export metrics, events, traces, and alert payloads to external services without clear warnings about minimizing sensitive fields. In an observability context, transaction IDs, escrow IDs, peer agent identifiers, billing amounts, and business metadata can leak operationally sensitive or regulated data to third-party endpoints, especially via webhooks and tracing backends.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The examples show direct use of API keys and configuration of outbound webhook destinations without prominent safety guidance on secret storage, rotation, and destination trust. Readers may copy these patterns into production with hardcoded credentials or unreviewed webhook URLs, leading to credential exposure, unauthorized notifications, or exfiltration of alert and operational data.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.