aws-strands
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill implements a ReAct-based agent framework that processes natural language queries to trigger tools and AWS service calls, creating a surface for indirect prompt injection. Ingestion points: User queries are ingested through
Agent()andMultiAgentOrchestrator.run()calls. Boundary markers: The provided code examples lack delimiters or specific instructions to isolate user input from system directives. Capability inventory: The agents are capable of performing database searches and invoking AWS CloudWatch metrics viaboto3. Sanitization: No input validation or output sanitization logic is demonstrated in the implementation examples. - [EXTERNAL_DOWNLOADS]: The documentation includes instructions to install third-party libraries
strands-agents,strands-agents-tools, and@strands-agents/sdk. It also references official sample code from theawslabs/amazon-bedrock-agentcore-samplesGitHub repository, which is a well-known source for AWS development resources.
Audit Metadata