Skills
skills/bagelhole/devops-security-agent-skills/access-review/Gen Agent Trust Hub

access-review

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOWCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [Data Exposure & Exfiltration] (LOW): The skill uses aws iam get-credential-report to retrieve sensitive security metadata. While no exfiltration to external domains is observed, the ingestion of full credential reports into the agent context increases the risk of accidental exposure of authentication state.
  • [Indirect Prompt Injection] (LOW): The skill lacks sanitization and boundary markers when processing external data.
  • Ingestion points: aws iam list-users, aws iam get-credential-report (SKILL.md)
  • Boundary markers: Absent
  • Capability inventory: aws iam read commands (SKILL.md)
  • Sanitization: Absent
  • Analysis: Malicious metadata in IAM objects could potentially influence the agent's review or reporting logic.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 16, 2026, 01:28 PM