aws-cdk

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill provides authoritative documentation and architectural patterns for AWS CDK development. The provided examples adhere to security best practices, including the use of L2 constructs for sensible defaults, automated least-privilege IAM policy generation via grant helpers, and mandatory encryption for stateful resources.
  • [COMMAND_EXECUTION]: The skill documentation includes instructions for standard AWS CDK CLI operations (e.g., cdk synth, cdk deploy, cdk diff). These commands are essential for infrastructure-as-code workflows and are used according to official AWS specifications. The skill explicitly instructs users to review cdk diff and cdk synth outputs as checkpoints before deployment.
  • [EXTERNAL_DOWNLOADS]: The skill references standard project initialization using npx cdk init and package management via npm. These operations target the official npm registry and well-known AWS development tools, which are recognized as trusted sources.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes user-provided infrastructure requirements to generate code and execute CLI commands.
      • Ingestion points: User prompts describing infrastructure needs (e.g., "create a cdk app for serverless") are processed in SKILL.md.
      • Boundary markers: The skill relies on the agent's standard conversational boundaries; no additional delimiters are explicitly defined in the prompt templates.
      • Capability inventory: The skill uses Bash, Write, Edit, and Read tools (defined in SKILL.md).
      • Sanitization: There is no explicit sanitization of user-provided resource names; however, the skill mandates a delivery loop involving manual review of cdk synth and cdk diff outputs to mitigate risks.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 23, 2026, 11:33 AM