aws-cost-optimization
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on executing various AWS CLI commands (aws ec2, aws ce, aws cloudwatch, aws compute-optimizer) and shell utilities (cp, date) to identify cost-saving opportunities and manage reports. This requires the agent to have broad access to the cloud environment and the local file system.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by processing untrusted data from the cloud environment.
  - Ingestion points: Data enters the agent's context through AWS CLI command outputs that include user-controllable resource tags, such as the EC2 'Name' tag queried in Workflow 3.
  - Boundary markers: There are no instructions or delimiters defining the boundaries between the skill's trusted instructions and the untrusted data retrieved from the AWS API.
  - Capability inventory: The skill possesses capabilities for shell command execution and file writing, which could be abused if malicious instructions in a resource tag are executed.
  - Sanitization: No validation or sanitization is performed on the content of resource tags or other metadata before it is processed by the agent.
Audit Metadata