aws-cost-finops
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The analyzed files consist of a documentation template and a configuration file. No executable logic, scripts, or network-enabled commands are present.
- [Indirect Prompt Injection] (LOW): The report methodology mentions processing data from AWS Cost Explorer and Cost and Usage Reports. This identifies a data ingestion surface where external information is processed. Mandatory Evidence: 1. Ingestion points: assets/templates/monthly_cost_report.md identifies AWS Cost Explorer and CUR as data sources. 2. Boundary markers: None present in the markdown template or placeholders. 3. Capability inventory: Mentions of analysis scripts (e.g., find_unused_resources.py) are present in the appendix, but no script files are included in the skill. 4. Sanitization: No sanitization logic is visible in the provided files.
Audit Metadata