elasticache-config

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill explicitly requests permission for 'Bash(aws:*)'. This provides the agent with the ability to run arbitrary AWS CLI commands, which could be abused to modify infrastructure or exfiltrate sensitive cloud data if the agent is manipulated.
  • [PROMPT_INJECTION] (HIGH): High risk of Indirect Prompt Injection. Because the skill's purpose is to manage and validate AWS configurations, it naturally ingests external data. In the absence of explicit boundary markers or sanitization, malicious instructions embedded in a configuration file could hijack the agent's high-privilege tool access.
  • [NO_CODE] (INFO): The skill consists of a metadata-only definition without accompanying scripts. Risk is entirely derived from the tool permissions requested and the sensitivity of the data handled.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 11:15 AM