Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/eks-cluster-config/Gen Agent Trust Hub

eks-cluster-config

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection as it is designed to ingest untrusted user input and has access to high-privilege tools.
  • Ingestion points: User requests and queries triggered by phrases like 'eks cluster config'.
  • Boundary markers: None. There are no delimiters or instructions to ignore embedded commands in the processed data.
  • Capability inventory: The skill metadata explicitly allows Bash(aws:*), Write, and Edit tools, which provide the ability to modify cloud infrastructure.
  • Sanitization: None provided. The skill relies on natural language interpretation without explicit sanitization of input before potential tool use.
  • [Command Execution] (LOW): The skill requests Bash(aws:*) permissions in its allowed-tools metadata. While no specific malicious commands are present in this file, the scope of the permission is broad for an untrusted author.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:38 PM