dd-audit-key-compromise

Official

Investigate and mitigate Datadog API key compromises.

Authordatadog-labs
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill enables in-depth investigation of compromised Datadog API keys, uncovering their activity history and identifying affected resources.

Core Features & Use Cases

  • Timeline Reconstruction: Reconstruct the sequence of actions taken with the compromised key.
  • Geo/IP Analysis: Analyze where the key was used from, providing a geolocation breakdown.
  • Endpoint and Action Breakdown: Breakdown the endpoints called and the actions performed with the compromised key.
  • Destructive Action Check: Detects if the key performed any destructive actions such as deleting resources.
  • Anomaly Flags: Identifies unusual activities or patterns indicative of key compromise.
  • Quick Start: Use this Skill to investigate the usage and impact of a potentially compromised key.

Quick Start

Investigate API key compromise using 'KEY_ID'. Generate the timeline of actions for this key with 'pup audit-logs search'.

Dependency Matrix

Required Modules

pupjqaudit-logs

Components

scriptsreferences

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: dd-audit-key-compromise
Download link: https://github.com/datadog-labs/agent-skills/archive/main.zip#dd-audit-key-compromise

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.