Skills
skills/aws-samples/sample-strands-agent-with-agentcore/workspace/Gen Agent Trust Hub

workspace

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill definition consists solely of a Markdown file (SKILL.md) and does not include any executable code, scripts, or binary files.
  • [PROMPT_INJECTION]: The documentation describes a mechanism for reading files generated by other agent tools, which serves as a surface for indirect prompt injection where the agent could potentially process untrusted instructions embedded in the data.
  • Ingestion points: The workspace_read function as described in SKILL.md allows the agent to ingest content from paths such as code-agent/ and documents/.
  • Boundary markers: No delimitation or 'ignore instructions' warnings for the ingested content are specified in the documentation.
  • Capability inventory: The skill provides functions for listing, reading, and writing files within the shared session workspace.
  • Sanitization: There is no documentation regarding the sanitization or validation of content read from the workspace.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 01:10 AM