aws-cdk-development
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface.\n
- Ingestion points: The skill retrieves external data using AWS MCP tools (
mcp__aws-mcp__aws___search_documentation,mcp__aws-mcp__aws___read_documentation) as specified inSKILL.md.\n - Boundary markers: No explicit instructions or delimiters are used to prevent the agent from following malicious instructions potentially embedded in the retrieved documentation.\n
- Capability inventory: The skill includes a validation script (
scripts/validate-stack.sh) that executescdk synth, which performs code synthesis and could be influenced by malicious patterns ingested during the design phase.\n - Sanitization: There is no evidence of filtering or validation of content retrieved from the external AWS documentation sources.\n- [COMMAND_EXECUTION]: Local Script Execution.\n
- The
scripts/validate-stack.shscript executes thecdkCLI (cdk synth) and utilizes system tools likegrep,find, andjqto inspect the project structure and synthesized templates. This is a standard part of the CDK development workflow but represents a local command execution capability.
Audit Metadata