sam-template-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection (Category 8). 1. Ingestion points: The skill ingests untrusted user requirements and SAM template content (SKILL.md). 2. Boundary markers: Absent; there are no specific delimiters or instructions defined to isolate user data from agent logic. 3. Capability inventory: The skill uses powerful tools including 'Bash(aws:*)' for AWS CLI access, along with 'Write' and 'Edit' for file system operations (SKILL.md). 4. Sanitization: Absent; no input validation or sanitization mechanisms are defined in the configuration.
Audit Metadata