skills/giuseppe-trisciuoglio/developer-kit-claude-code/aws-sdk-java-v2-secrets-manager/Gen Agent Trust Hub
aws-sdk-java-v2-secrets-manager
Fail
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: CRITICALPROMPT_INJECTION
Full Analysis
- [SAFE]: The automated scanner alert for 'this.ca' is a false positive. The analysis confirms the scanner misidentified the Java code snippet 'this.cache' (found in SKILL.md and reference files) as a domain name.
- [SAFE]: The file 'assets/templates/SecretsManagerConfigTemplate.java' uses property placeholders for credentials (e.g., '${aws.accessKeyId}'). While using StaticCredentialsProvider is a security best-practice violation compared to IAM roles, it does not contain hardcoded secrets.
- [SAFE]: The skill downloads official AWS dependencies from 'software.amazon.awssdk' and 'com.amazonaws.secretsmanager'. These are well-known, trusted sources for cloud development.
- [PROMPT_INJECTION]: The skill establishes a data ingestion surface for untrusted content from AWS Secrets Manager which could lead to indirect prompt injection if the retrieved secrets are later processed by an LLM.
- Ingestion points: The method 'SecretCache.getSecretString' in 'SecretsService.java' and 'CachedSecrets.java' fetches external data into the application context.
- Boundary markers: The provided code patterns do not include delimiters or instructions to ignore embedded commands in the secret strings.
- Capability inventory: The skill uses the AWS SDK, which provides capabilities for network operations and secret management.
- Sanitization: No sanitization or content validation logic is present in the retrieval patterns to neutralize potential instructions embedded within secret values.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata