Skills
skills/giuseppe-trisciuoglio/developer-kit-claude-code/aws-sdk-java-v2-messaging/Gen Agent Trust Hub

aws-sdk-java-v2-messaging

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill documents patterns for consuming data from Amazon SQS and SNS, which are external sources that may contain untrusted user-generated content.
  • Ingestion points: Untrusted data enters the application context via SqsClient.receiveMessage calls (documented in SKILL.md, references/detailed-sqs-operations.md, and references/spring-boot-integration.md).
  • Boundary markers: The skill includes a specific security warning in the 'Constraints and Warnings' section of SKILL.md advising users to sanitize message bodies.
  • Capability inventory: The agent is granted Bash, Write, and Edit tools in the skill configuration.
  • Sanitization: The instructions explicitly mention the need for input validation and sanitization to prevent untrusted payloads from being interpreted as commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 07:09 AM