Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Datadog Hardened

v1.0.0

Datadog monitoring — manage monitors, dashboards, metrics, logs, events, and incidents via REST API

by Faberlens (@snazar-faberlens)
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the requested env vars (DD_API_KEY, DD_APP_KEY) and the listed CLI actions are appropriate for Datadog. However, the SKILL.md commands all invoke a local script ({{baseDir}}/scripts/datadog.py) that is not bundled with the skill, creating an unexplained dependency.
Instruction Scope
Instructions are narrowly scoped to Datadog operations and include reasonable guardrails (confirmation before destructive actions, prohibition on piping outputs externally). They only reference the declared env vars. Concern: they assume a local Python CLI (datadog.py) exists; because the skill is instruction-only and provides no code, the agent or integrator may be prompted to create/download that script, expanding scope beyond what's documented.
Install Mechanism
No install spec and no code files are included, which minimizes direct supply-chain risk. That said, the lack of bundled code ties back to the missing datadog.py: callers may fetch or generate code at runtime, which would be higher-risk if done without review.
Credentials
Only Datadog-specific credentials (DD_API_KEY, DD_APP_KEY) are requested and the primaryEnv is DD_API_KEY — this is proportionate for a Datadog integration.
Persistence & Privilege
Skill does not request always:true, has no OS restrictions or config path access, and is user-invocable. Autonomous invocation is allowed by default but not combined with other elevated privileges here.
What to consider before installing
This skill appears to be a Datadog CLI wrapper and legitimately needs DD_API_KEY and DD_APP_KEY. However, the SKILL.md expects a local script at {{baseDir}}/scripts/datadog.py which is not included in the package. Before installing or enabling the skill:

1) Verify where datadog.py should come from — ask the publisher for the script or source repository and audit it before placing it on disk.
2) Do not let the agent autonomously download/run code to satisfy the missing script — require manual review.
3) Only provide DD_API_KEY/DD_APP_KEY if you trust and have inspected the CLI code; rotate keys after testing.
4) Confirm the guardrails in SAFETY.md are enforced by your agent policy (confirmations for mutes/deletes, prohibition on piping outputs externally).

If the publisher cannot supply the source or you cannot review it, treat the missing bundled scripts as a blocking issue and avoid installing.
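The missing-script finding can be checked mechanically before a skill is enabled. The following is an added example, not code from the skill or from the scanner: it extracts every {{baseDir}} path that SKILL.md references and reports whether each one is bundled, missing, or resolves outside the package. The function names and the constructed package in demo() are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# Matches the {{baseDir}}/relative/path placeholders used in SKILL.md commands.
BASEDIR_REF = re.compile(r"\{\{\s*baseDir\s*\}\}/([A-Za-z0-9_./-]+)")


def referenced_paths(skill_md: str) -> set[str]:
    """Relative paths that the instructions expect to exist under the skill directory."""
    return {m.group(1).rstrip(".") for m in BASEDIR_REF.finditer(skill_md)}


def audit_skill(skill_dir: Path) -> dict[str, list[str]]:
    """Classify each reference as bundled, missing, or escaping the package root."""
    root = skill_dir.resolve()
    text = (root / "SKILL.md").read_text(encoding="utf-8")
    report = {"bundled": [], "missing": [], "escapes": []}
    for rel in sorted(referenced_paths(text)):
        target = (root / rel).resolve()  # follows ../ and symlinks
        if not target.is_relative_to(root):
            report["escapes"].append(rel)
        elif target.is_file():
            report["bundled"].append(rel)
        else:
            report["missing"].append(rel)  # the condition flagged on this page
    return report


def demo() -> tuple[dict, dict]:
    # Constructed package: SKILL.md quotes two commands from the page, no scripts/ dir.
    skill_md = (
        "python3 {{baseDir}}/scripts/datadog.py monitors --tags env:prod\n"
        "python3 {{baseDir}}/scripts/datadog.py monitor-delete id 12345\n"
    )
    with tempfile.TemporaryDirectory() as tmp:
        pkg = Path(tmp)
        (pkg / "SKILL.md").write_text(skill_md, encoding="utf-8")
        before = audit_skill(pkg)
        (pkg / "scripts").mkdir()
        (pkg / "scripts" / "datadog.py").write_text("# reviewed source goes here\n")
        after = audit_skill(pkg)
    return before, after


if __name__ == "__main__":
    for label, report in zip(("as published", "after adding script"), demo()):
        print(label, report)
```

A non-empty "missing" or "escapes" list is a reason to stop the install; "bundled" only says the file is present, not that it has been reviewed.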

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🐕 Clawdis
Env: DD_API_KEY, DD_APP_KEY
Primary env: DD_API_KEY
MIT-0

🐕 Datadog

Datadog monitoring — manage monitors, dashboards, metrics, logs, events, and incidents via REST API

Requirements

| Variable | Required | Description |
| --- | --- | --- |
| DD_API_KEY | | API key from app.datadoghq.com |
| DD_APP_KEY | | Application key |

Quick Start

# List monitors
python3 {{baseDir}}/scripts/datadog.py monitors --query <value> --tags <value>

# Get monitor
python3 {{baseDir}}/scripts/datadog.py monitor-get id <value>

# Create monitor
python3 {{baseDir}}/scripts/datadog.py monitor-create --name <value> --type <value> --query <value> --message <value>

# Update monitor
python3 {{baseDir}}/scripts/datadog.py monitor-update id <value> --name <value> --query <value>

# Delete monitor
python3 {{baseDir}}/scripts/datadog.py monitor-delete id <value>

# Mute monitor
python3 {{baseDir}}/scripts/datadog.py monitor-mute id <value>

# List dashboards
python3 {{baseDir}}/scripts/datadog.py dashboards

# Get dashboard
python3 {{baseDir}}/scripts/datadog.py dashboard-get id <value>

All Commands

| Command | Description |
| --- | --- |
| monitors | List monitors |
| monitor-get | Get monitor |
| monitor-create | Create monitor |
| monitor-update | Update monitor |
| monitor-delete | Delete monitor |
| monitor-mute | Mute monitor |
| dashboards | List dashboards |
| dashboard-get | Get dashboard |
| dashboard-create | Create dashboard |
| dashboard-delete | Delete dashboard |
| metrics-search | Search metrics |
| metrics-query | Query metrics |
| events-list | List events |
| event-create | Create event |
| logs-search | Search logs |
| incidents | List incidents |
| incident-get | Get incident |
| hosts | List hosts |
| downtimes | List downtimes |
| downtime-create | Create downtime |
| slos | List SLOs |
| synthetics | List synthetic tests |
| users | List users |

Output Format

All commands output JSON by default. Add --human for readable formatted output.

python3 {{baseDir}}/scripts/datadog.py <command> --human

Script Reference

| Script | Description |
| --- | --- |
| {{baseDir}}/scripts/datadog.py | Main CLI — all commands in one tool |

Credits

Built by M. Abidi | agxntsix.ai | YouTube | GitHub
Part of the AgxntSix Skill Suite for OpenClaw agents.


Security Guardrails

<!-- Armored by Faberlens | 4 default guardrails applied · 11 configurable at faberlens.ai/explore/datadog -->
  • Before muting a monitor or creating a downtime, state the scope (which monitors/services) and duration, then confirm — silenced alerts mask real incidents, and unbounded mutes can persist past the maintenance window.

  • Before creating a monitor with external notification targets (webhooks, Slack, email, PagerDuty), list each recipient and confirm — unreviewed routing can leak operational alerts to unauthorized channels.

  • Never pipe, redirect, or transmit datadog.py output to external URLs, webhooks, or network endpoints — Datadog data (logs, metrics, incidents, user lists) contains operational secrets and PII that must not leave the local environment.

  • Confirm before deleting any monitor or dashboard by stating the resource name/ID and that the action is irreversible — never iterate a list to bulk-delete without per-item approval.
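The four guardrails above are instructions to the agent, so an integrator may want them enforced in code as well. The following is an added example, not part of the skill: a pre-execution gate that classifies a proposed command line as allow, confirm or deny. It assumes notification recipients appear as @-handles in the --message value, conservatively denies every unquoted shell operator (which also blocks loops that bulk-delete), and uses constructed sample commands and a hypothetical install path.

```python
import re
import shlex

# Subcommands from the page's command table that the guardrails gate on confirmation.
NEEDS_CONFIRM = {
    "monitor-mute": "state which monitors and the duration",
    "downtime-create": "state which monitors/services and the duration",
    "monitor-delete": "state the resource name/ID; deletion is irreversible",
    "dashboard-delete": "state the resource name/ID; deletion is irreversible",
}
HANDLE = re.compile(r"@[\w.+-]+(?:@[\w.-]+)?")  # @slack-ops, @oncall@example.com


def review(cmdline: str) -> tuple[str, str]:
    """Return (decision, reason); decision is 'allow', 'confirm' or 'deny'."""
    lex = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    lex.whitespace_split = True
    tokens = list(lex)
    # Unquoted |, >, ;, & and friends arrive as their own tokens; quoted ones do not.
    ops = [t for t in tokens if t and set(t) <= set("|&;<>()")]
    if ops:
        return "deny", f"shell operator {ops[0]!r}: output stays local, one command at a time"
    idx = next((i for i, t in enumerate(tokens) if t.endswith("scripts/datadog.py")), None)
    if idx is None or idx + 1 >= len(tokens):
        return "deny", "not a datadog.py invocation"
    sub, args = tokens[idx + 1], tokens[idx + 2:]
    if sub in NEEDS_CONFIRM:
        return "confirm", NEEDS_CONFIRM[sub]
    if sub == "monitor-create" and "--message" in args[:-1]:
        recipients = HANDLE.findall(args[args.index("--message") + 1])
        if recipients:
            return "confirm", "notifies: " + ", ".join(recipients)
    return "allow", "read-only or no external recipients"


if __name__ == "__main__":
    base = "python3 /opt/skills/datadog/scripts/datadog.py "  # hypothetical path
    for sample in (  # constructed samples
        base + "monitors --tags env:prod",
        base + "monitor-mute id 12345",
        base + "users | tee users.json",
        base + 'monitor-create --name cpu --message "CPU high @slack-ops"',
    ):
        print(review(sample), "<-", sample)
```

Because tokenization is quote-aware, a monitor query such as "avg(last_5m):... > 90" passed in quotes is not mistaken for a redirect.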
