cdk-stack-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill interprets natural language user requests to generate executable infrastructure code, which is a known attack surface for indirect prompt injection.
  - Ingestion points: User request strings containing triggers like 'cdk stack generator'.
  - Boundary markers: Not present; there are no defined delimiters to isolate user data from the agent's internal instructions.
  - Capability inventory: The skill is authorized to use 'Bash(aws:*)', 'Read', 'Write', and 'Edit' tools.
  - Sanitization: No input validation or output sanitization mechanisms are specified in the provided documentation.
Audit Metadata