infrastructure-cost-optimization
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill contains shell scripts (found in SKILL.md.original and references/aws-cost-optimization-configuration.md) that perform resource management via the AWS CLI. Specifically, the 'optimize-resources.sh' script includes commands to delete unattached EBS volumes (
aws ec2 delete-volume) and release unused Elastic IPs (aws ec2 release-address). While these actions are consistent with the skill's stated purpose of waste reduction, they require the agent to have write-access permissions to the cloud environment. - [DATA_EXPOSURE]: The skill includes Python and shell scripts that retrieve sensitive infrastructure data, including billing information and resource metadata. Scripts use the AWS Cost Explorer API (
aws ce get-cost-and-usage) and EC2 description APIs (aws ec2 describe-volumes,aws ec2 describe-addresses) to identify optimization opportunities. This behavior is transparent and aligned with the skill's objective.
Audit Metadata