aws-cost-optimization
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection.
  * Ingestion points: Data enters the context through AWS CLI command outputs (Cost Explorer, EC2, Budgets) and the rightsizing-config.json file.
  * Boundary markers: No delimiters or instructions to ignore embedded commands are present.
  * Capability inventory: Includes the execution of aws CLI commands for resource description and recommendation retrieval.
  * Sanitization: No input validation or output escaping is performed.
- [COMMAND_EXECUTION]: The skill facilitates the execution of cloud management commands.
  * Evidence: SKILL.md contains example commands for aws ce get-rightsizing-recommendation, aws ec2 describe-volumes, and aws budgets describe-budgets.
Audit Metadata