amazon-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill possesses a surface for indirect prompt injection as it ingests and processes untrusted data from Amazon operations without explicit boundary markers or sanitization. * Ingestion points: Tool outputs from RUBE_SEARCH_TOOLS and RUBE_MULTI_EXECUTE_TOOL. * Boundary markers: Absent; instructions do not advise the agent to ignore instructions embedded in Amazon data. * Capability inventory: Substantial capabilities including tool execution and remote workbench access (RUBE_REMOTE_WORKBENCH). * Sanitization: Absent; the skill does not implement or recommend sanitization of retrieved data before further processing.
Audit Metadata