aws-production-deploy
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface through the ingestion of untrusted input data.
  - Ingestion points: Variable inputs defined in the schema (e.g., app_name, aws_region, domain, aws_account_id) are used throughout the deployment scripts in SKILL.md.
  - Boundary markers: There are no boundary markers or instructions to ignore embedded commands within the interpolated variables.
  - Capability inventory: The skill possesses extensive system capabilities, including resource creation via 'aws' CLI, identity management via 'aws iam', and container operations via 'docker'.
  - Sanitization: The skill does not implement validation or escaping for input variables before they are processed in a shell context.
- [EXTERNAL_DOWNLOADS]: The skill references several external dependencies from well-known and trusted providers.
  - Trusted GitHub Actions: The CI/CD workflow utilizes official actions from 'actions' and 'aws-actions' for checkout, credential configuration, and ECS deployment.
  - Official Tooling: The instructions include the installation of the 'awscli' via Homebrew, a well-known package manager.
- [COMMAND_EXECUTION]: The skill facilitates complex system-level operations and configuration generation.
  - CLI Orchestration: Multiple shell blocks execute commands to provision VPCs, security groups, and ECS services.
  - Task Rendering: Dynamically generates and registers ECS task definitions using runtime environment data and build metadata.
Audit Metadata