aws-serverless
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill demonstrates patterns for ingesting untrusted data from external sources such as API Gateway path parameters, SQS message bodies, and HTTP request bodies.
- Ingestion points: Ingestion occurs in sub-skills/api-gateway-integration-pattern.md (path parameters), sub-skills/event-driven-sqs-pattern.md (SQS record body), and sub-skills/lambda-handler-pattern.md (HTTP body).
- Boundary markers: Code templates do not include delimiters or instructions to ignore embedded commands.
- Capability inventory: Snippets demonstrate standard AWS SDK usage for DynamoDB and SQS operations. No high-risk capabilities such as arbitrary system command execution or unauthorized network access were found.
- Sanitization: The handlers perform basic JSON parsing but lack the validation or escaping required to prevent injection when data is subsequently used in a prompt context.
Audit Metadata