aws-cdk-development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOW (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill recommends installing 'cdk-nag' via npm. This is a trusted security auditing tool for AWS CDK stacks and its inclusion is a best practice.
- COMMAND_EXECUTION (LOW): The skill references a repository-local script './scripts/validate-stack.sh' and standard build commands like 'npm test'. While the script's content is not provided, its described function is standard for infrastructure synthesis validation.
- PROMPT_INJECTION (LOW): The skill instructs the agent to read external AWS documentation via MCP tools. This is a known surface for indirect prompt injection (Category 8), though the risk is low as the agent uses the data for implementation guidance rather than automated execution.