security-group-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill provides numerous AWS CLI commands (e.g.,
aws ec2 describe-security-groups,aws ec2 revoke-security-group-ingress). These are standard administrative tools required for the stated purpose of auditing AWS infrastructure. - [DATA_EXPOSURE] (SAFE): While the skill accesses security group configurations (which is sensitive metadata), it does so within the user's AWS environment and does not attempt to transmit this data to any external or untrusted domains.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted data from the AWS environment (Security Group names and descriptions).
- Ingestion points: AWS CLI output captured in text files (
all-sgs.txt,used-sgs.txt). - Boundary markers: None present.
- Capability inventory: AWS CLI execution for read/write operations on security rules.
- Sanitization: None detected.
- Note: This is a common surface for auditing tools and is considered low risk in this context.
Audit Metadata