stack-designer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to bypass safety filters or override agent behavior were detected.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials, or unauthorized network operations are present. CloudFormation examples utilize secure parameter handling (NoEcho).
- [Unverifiable Dependencies] (SAFE): The skill does not define any Python or Node.js dependencies.
- [Remote Code Execution] (SAFE): No patterns of downloading or executing remote code are present. Examples of TemplateURL in nested stacks are illustrative placeholders within markdown blocks.
- [Indirect Prompt Injection] (LOW): While the skill is designed to process user requirements into CloudFormation templates (ingestion surface), it lacks the capability to automatically deploy these templates or interact with external APIs, limiting risk to text generation only.
- [Obfuscation] (SAFE): All content is in cleartext markdown and YAML. No encoded or hidden strings were found.
Audit Metadata