aws-bedrock-evals
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFENO_CODE
Full Analysis
- NO_CODE (SAFE): The analyzed files (
README.md,metadata.json) do not contain aSKILL.mdor any executable logic. As a result, there is no code behavior to evaluate for malicious patterns. - EXTERNAL_DOWNLOADS (LOW): The documentation mentions an installation source (
antstackio/skills) that is not on the pre-approved trusted list. Users are advised to verify the integrity of the repository before running the installation command. - INDIRECT_PROMPT_INJECTION (LOW): The skill's documentation identifies an attack surface where it processes untrusted user data (system prompts and test scenarios) and possesses high-privilege capabilities (IAM role creation and AWS CLI execution). However, no implementation code exists to assess specific vulnerabilities.
Audit Metadata