Naming fix + change to traces for datadog metrics

Author: dorien-koelemeijer

crates/goose/src/agents/tool_execution.rs

@@ -88,7 +88,7 @@ impl Agent {
                         // Log user decision if this was a security alert
                         if let Some(finding_id) = get_security_finding_id_from_results(&request.id, inspection_results) {
                             tracing::info!(
-                                counter.goose.prompt_injection_user_decisions = 1,
+                                monotonic_counter.goose.prompt_injection_user_decisions = 1,
                                 decision = ?confirmation.permission,
                                 finding_id = %finding_id,
                                 tool_request_id = %request.id,

crates/goose/src/security/mod.rs

@@ -61,7 +61,7 @@ impl SecurityManager {
     ) -> Result<Vec<SecurityResult>> {
         if !self.is_prompt_injection_detection_enabled() {
             tracing::debug!(
-                counter.goose.prompt_injection_scanner_disabled = 1,
+                monotonic_counter.goose.prompt_injection_scanner_disabled = 1,
                 "Security scanning disabled"
             );
             return Ok(vec![]);
@@ -74,7 +74,7 @@ impl SecurityManager {
                 match PromptInjectionScanner::with_ml_detection() {
                     Ok(s) => {
                         tracing::info!(
-                            counter.goose.prompt_injection_scanner_enabled = 1,
+                            monotonic_counter.goose.prompt_injection_scanner_enabled = 1,
                             "Security scanner initialized with ML-based detection"
                         );
                         s
@@ -90,7 +90,7 @@ impl SecurityManager {
                 }
             } else {
                 tracing::info!(
-                    counter.goose.prompt_injection_scanner_enabled = 1,
+                    monotonic_counter.goose.prompt_injection_scanner_enabled = 1,
                     "Security scanner initialized with pattern-based detection only"
                 );
                 PromptInjectionScanner::new()
@@ -124,7 +124,7 @@ impl SecurityManager {
                         serde_json::to_string(&tool_call).unwrap_or_else(|_| "{}".to_string());
 
                     tracing::warn!(
-                        counter.goose.prompt_injection_finding = 1,
+                        monotonic_counter.goose.prompt_injection_finding = 1,
                         threat_type = "command_injection",
                         above_threshold = above_threshold,
                         tool_name = %tool_call.name,
@@ -164,7 +164,7 @@ impl SecurityManager {
         }
 
         tracing::info!(
-            counter.goose.prompt_injection_analysis_performed = 1,
+            monotonic_counter.goose.prompt_injection_analysis_performed = 1,
             security_issues_found = results.len(),
             "Prompt injection detection: Security analysis complete"
         );

crates/goose/src/security/scanner.rs

@@ -161,9 +161,9 @@ impl PromptInjectionScanner {
             tool_confidence = %tool_result.confidence,
             context_confidence = ?context_result.ml_confidence,
             final_confidence = %final_confidence,
-            has_command_ml = tool_result.ml_confidence.is_some(),
-            has_prompt_ml = context_result.ml_confidence.is_some(),
-            has_patterns = tool_result.used_pattern_detection,
+            used_command_ml = tool_result.ml_confidence.is_some(),
+            used_prompt_ml = context_result.ml_confidence.is_some(),
+            used_pattern_detection = tool_result.used_pattern_detection,
             threshold = %threshold,
             malicious = final_confidence >= threshold,
             "Security analysis complete"