cloud-security
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill is primarily composed of command-line instructions for cloud management tools (aws, az, gcloud) and security frameworks (ScoutSuite, Prowler, Pacu, CloudSploit). These commands are integral to its stated purpose of performing security assessments and audits.
- [EXTERNAL_DOWNLOADS]: Mentions installation of well-known, legitimate security tools from official package managers (pip, npm) and official domains (steampipe.io). These references are documented neutrally as prerequisites for the skill's functionality.
- [CREDENTIALS_UNSAFE]: Shows authentication workflows using environment variables and command-line flags. All sensitive values (AWS keys, Azure client secrets, etc.) are non-functional placeholders or examples (e.g., 'AKIA...', 'SECRET').
- [PROMPT_INJECTION]: Analysis of indirect prompt injection surfaces:
  - Ingestion points: The skill processes data from Cloud Provider APIs and the output of security scanning tools (e.g., Prowler reports).
  - Boundary markers: Not present; the skill does not explicitly define delimiters for external data.
  - Capability inventory: High capability to execute shell commands and subprocesses (aws, az, gcloud, prowler, scout, etc.).
  - Sanitization: Not explicitly defined for tool outputs.
  - Note: This category is assessed as SAFE given the intended use case for security professionals and the trusted nature of the data sources (official cloud APIs).
Audit Metadata