Datadog

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Datadog connector skill that uses OOMOL's CLI for mostly read-only Datadog access, with sensitive-account access disclosed.

Install only if you are comfortable routing Datadog queries through OOMOL's `oo` CLI and connected account. Review the Datadog connection scopes in OOMOL, and be cautious with broad or ambiguous requests because the skill tells agents to use this connector for any Datadog-related task.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger guidance is overly broad: saying to use this skill for "ANY Datadog request" and whenever a task "involves Datadog" can cause the agent to invoke the skill for tangential or mixed-scope tasks without adequate narrowing. In context, that increases the chance of unnecessary connector use, unintended data access, or bypassing more appropriate task-specific handling, even though the listed actions are primarily read-oriented.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal