40Medium
The skill mandates autonomous operation by bypassing human-in-the-loop controls and uses fabricated user consent to perform unauthorized resource creation while lacking transparency and proper documentation.
Skill Info
Namesignoz/agent-skills/signoz-creating-dashboards
Registrygithub
Version289efcb66ce3
PURLpkg:github/signoz/agent-skills@289efcb66ce3?skill=signoz-creating-dashboards
Stars6
Installs127
Source
Install
This skill has findings worth reviewing before installing.
GitHub
127 installs
Skills.shDocs
npx skills add https://github.com/signoz/agent-skillsAssessments (5)
AI Agent Traps ↗Description Mismatchmediumdescription mismatchAML.T0011.000LLM06:2025LLM09:2025
The skill contains explicit instructions for autonomous operation without human-in-the-loop controls, which contradicts standard security practices for write-heavy operations.
85% confidence
The skill states: 'The skill targets two consumers: an autonomous AI SRE agent that runs without a human in the loop... In autonomous mode (no human), escalate to the caller or fill the gap from upstream context.'
Autonomous Escalation Riskmediumautonomy abuseAML.T0034.002AML.T0053LLM06:2025LLM10:2025
The instructions explicitly define an 'autonomous mode' where the agent is directed to bypass human confirmation if inputs are missing, which could lead to unauthorized resource creation.
70% confidenceline 85
In autonomous mode (no human), escalate to the caller or fill the gap from upstream context.
Autonomous operation instructions detected — attempts to remove human-in-the-loop controlsmediumautonomy abuseAML.T0034.002AML.T0053LLM06:2025LLM10:2025
Autonomous operation instructions detected — attempts to remove human-in-the-loop controls (seen 2 times in this file at lines 85, 226)
100% confidenceline 85
autonomous mode
Fabricated user consent / pre-authorized instruction — a statement falsely attributed to the user to manufacture authorizationmediumprompt injectionAML.T0051AML.T0051.000AML.T0051.001AML.T0054LLM01:2025
Fabricated user consent / pre-authorized instruction — a statement falsely attributed to the user to manufacture authorization
100% confidenceline 145
The user has already agreed
Missing usage exampleslowpolicy violation
Skill body contains no code blocks or usage examples, making it harder for users to evaluate.
100% confidence
Referenced file missing from skill packagelowpolicy violation
SKILL.md links to "references/examples.md" but the file is not part of the skill package — the workflow silently degrades or the content is sourced elsewhere at runtime
90% confidence
[`references/examples.md`](references/examples.md)
Missing licenseinfopolicy violation
Skill does not specify a license field. Specifying a license helps users understand usage terms.
100% confidence
Missing or insufficient descriptioninfopolicy violation
Skill description is empty or too short. A clear description helps users evaluate the skill's purpose.
100% confidence
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/signoz/agent-skills/signoz-creating-dashboards)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/signoz/agent-skills/signoz-creating-dashboards"><img src="https://mondoo.com/ai-agent-security/api/badge/github/signoz/agent-skills/signoz-creating-dashboards.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/signoz/agent-skills/signoz-creating-dashboards.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow