aws-s3-management
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to override agent behavior, bypass safety filters, or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive local files (like ~/.aws/credentials) or attempt to send data to external, non-whitelisted domains. It exclusively uses standard AWS service interactions.
- [Obfuscation] (SAFE): All code and instructions are provided in cleartext. No Base64, zero-width characters, or homoglyphs were detected.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not install external packages or execute remote scripts. It provides static CLI and HCL templates.
- [Privilege Escalation] (SAFE): No use of sudo, chmod 777, or other privilege escalation techniques was found. IAM roles in the Terraform examples follow the principle of least privilege.
- [Persistence Mechanisms] (SAFE): No code was found that attempts to establish persistence, such as modifying shell profiles or crontabs.
- [Metadata Poisoning] (SAFE): The metadata accurately describes the skill's purpose and does not contain hidden instructions.
- [Indirect Prompt Injection] (SAFE): The skill does not ingest or process untrusted external data, posing no risk of indirect prompt injection.
- [Time-Delayed / Conditional Attacks] (SAFE): No logic was found that triggers behavior based on time, dates, or specific environmental conditions.
- [Dynamic Execution] (SAFE): The skill does not use eval(), exec(), or any form of dynamic code generation or unsafe deserialization.
Audit Metadata