modify-agent-prompts

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill documentation describes the integration and configuration of a code_interpreter tool for executing Python code and of MCP (Model Context Protocol) tools that execute shell commands.
  • [EXTERNAL_DOWNLOADS]: The references/TOOL-CREATION.md file provides an example configuration for an MCP server that fetches the @modelcontextprotocol/server-web-search package using npx.
  • [PROMPT_INJECTION]: The skill architecture is designed to process untrusted external data (documents and images), which creates a surface for indirect prompt injection.
  • Ingestion points: Data enters the agent context through the file_read and image_reader tools mentioned in references/TOOL-CREATION.md and SKILL.md.
  • Boundary markers: While SKILL.md specifies JSON schemas for the agent's output, it does not describe specific delimiters or boundary markers to isolate untrusted input data within the prompts.
  • Capability inventory: The agent has access to tools including code_interpreter for code execution and mcp_tool for web search capabilities.
  • Sanitization: No mention of input validation or sanitization logic for processed content is provided in the modification guides.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 01:38 AM