aws-security-audit
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and executes MCP servers (iam-mcp-server, cloudtrail-mcp-server) from the official awslabs GitHub organization via the uvx tool.
- [COMMAND_EXECUTION]: Executes local commands via uvx to launch the required MCP bridge servers for communication with AWS APIs.
- [CREDENTIALS_UNSAFE]: Utilizes standard AWS environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION) for API authentication. This is required for the skill's stated purpose of auditing AWS infrastructure.
- [PROMPT_INJECTION]: Analysis of workflows for security audits and incident investigation shows no instructions that attempt to bypass AI safety filters or override system constraints.
Audit Metadata