aws-solution-architect
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes external configuration data (`requirements.json`) to generate architecture recommendations and infrastructure-as-code templates.
  - Ingestion points: `scripts/architecture_designer.py` and `scripts/serverless_stack.py` read parameters from user-controlled JSON files.
  - Boundary markers: No explicit delimiters or instructions are used to separate user data from the template generation logic.
  - Capability inventory: The skill generates executable IaC templates (CloudFormation, Terraform, CDK) and provides instructions for their deployment via CLI tools.
  - Sanitization: Input values are processed with basic string methods (e.g., `lower()`, `replace()`), which may not prevent complex template injection attacks.
- [COMMAND_EXECUTION]: The workflow involves running local scripts and standard infrastructure tools (AWS CLI, CDK, Terraform). These commands are essential for the skill's primary function and are intended to be executed by the user/agent.
- [EXTERNAL_DOWNLOADS]: Reference documentation points to well-known community tools on GitHub for AWS optimization, which is considered a safe and standard practice for architectural guidance.
Audit Metadata