cloud-cost-management
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the Azure CLI installation script from a well-known Microsoft domain (https://aka.ms/InstallAzureCLIDeb) in the Azure cost management reference guide.
- [REMOTE_CODE_EXECUTION]: Executes the downloaded Azure CLI installation script directly using `bash` in the `references/azure-cost-management.md` and `SKILL.md.original` files. This operation targets a trusted source.
- [COMMAND_EXECUTION]: Extensive use of cloud provider CLI tools (`aws`, `az`, `gcloud`, `gsutil`) to perform resource discovery, budget creation, and cost analysis across multiple cloud platforms.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) due to its processing of external cloud resource metadata.
  - Ingestion points: Retrieves untrusted data from cloud provider APIs, such as resource tags and instance names via `aws ec2 describe-instances` and the `CloudCostMonitor` Python class in `references/cost-monitoring-dashboard.md`.
  - Boundary markers: No explicit delimiters or instructions are present to prevent the agent from obeying instructions that might be embedded within cloud resource names or tags.
  - Capability inventory: The skill has the capability to execute shell commands and run Python scripts that interact with sensitive cloud infrastructure APIs.
  - Sanitization: There is no evidence of sanitization, validation, or filtering of the metadata retrieved from the cloud providers before it is processed by the agent.
Audit Metadata