transform-custom

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of local shell commands to perform repository analysis, manage the environment, and execute the transformation CLI.
      • Evidence in SKILL.md, single-transformation.md, and multi-transformation.md includes commands for aws CLI, git, unzip, and the atx CLI.
      • The skill generates and executes temporary bash scripts (run.sh) to background long-running transformation processes.
  • [EXTERNAL_DOWNLOADS]: The skill downloads the ATX CLI and AWS CLI installation packages from official AWS domains.
      • SKILL.md and troubleshooting.md contain instructions to download the installer from https://transform-cli.awsstatic.com/install.sh.
      • SKILL.md provides links for downloading the AWS CLI from awscli.amazonaws.com.
  • [REMOTE_CODE_EXECUTION]: The skill uses a piped-to-shell pattern for CLI installation, which constitutes remote code execution.
      • SKILL.md evidence: curl -fsSL https://transform-cli.awsstatic.com/install.sh | bash.
      • While this pattern is generally high-risk, it is used here to fetch a script from a well-known service domain (awsstatic.com) belonging to the skill's author (AWS), which is consistent with standard software distribution for this vendor.
  • [DATA_EXPOSURE]: The skill interacts with sensitive local files and AWS credentials but follows best practices for secret management.
      • It reads ~/.aws/credentials and ~/.aws/config via the standard aws CLI to verify the user's identity.
      • It explicitly instructs the user on how to safely configure credentials and provides warnings against exposing them in chat outputs.
  • [PRIVILEGE_ESCALATION]: The skill includes functionality to modify IAM policies to ensure the user has sufficient permissions for the transformation service.
      • SKILL.md evidence: aws iam attach-user-policy --policy-arn "arn:aws:iam::aws:policy/AWSTransformCustomFullAccess".
      • This operation is performed only after explaining the requirement and obtaining explicit user confirmation, and it targets a specific managed policy required for the skill's primary function.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 27, 2026, 03:57 AM