cloudformation

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
COMMAND_EXECUTION
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill provides instructions for executing AWS CLI commands such as create-stack, update-stack, and delete-stack. These commands allow for significant modifications to cloud infrastructure, including resource creation and deletion, which can be misused if the agent is not properly restricted.
  • INDIRECT_PROMPT_INJECTION (HIGH): The skill's primary function is to process external YAML templates (e.g., template.yaml). If an attacker can influence these files, they can trick the agent into deploying unauthorized resources, such as permissive security groups or IAM roles.
      1. Ingestion points: template.yaml referenced in CLI commands.
      2. Boundary markers: None provided in the command examples.
      3. Capability inventory: Full AWS CloudFormation stack management capabilities (create, update, delete).
      4. Sanitization: While cfn-lint is mentioned as a best practice, it is not integrated into the execution steps, meaning no automatic sanitization occurs.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 07:56 AM