aws-cost-optimizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [Command Execution] (SAFE): The skill includes numerous AWS CLI commands (e.g.,
aws ec2 describe-instances,aws s3 ls) intended for resource discovery and management. These commands are typical for cloud administration and align with the skill's stated purpose. - [Data Exposure & Exfiltration] (SAFE): No sensitive data access, hardcoded credentials, or external network exfiltration patterns were identified. All commands target standard AWS API endpoints using user-provided credentials.
- [Indirect Prompt Injection] (LOW): The skill possesses a vulnerability surface for indirect prompt injection by reading resource metadata (like tags and names) through
aws ec2 describe-instancesandaws rds describe-db-snapshots. - Ingestion points: Resource tags and metadata fetched via
awsCLI commands inSKILL.md. - Boundary markers: Absent; there are no delimiters or instructions to ignore embedded content in resource tags.
- Capability inventory: Destructive actions including
terminate-instances,delete-volume, anddelete-snapshot. - Sanitization: Absent; the skill does not specify validation or sanitization for data retrieved from the AWS environment.
Audit Metadata