vpc-network-designer
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill exhibits a surface for Indirect Prompt Injection (Category 8) because it is designed to process user input and generate production-ready AWS configurations without safety boundaries.
- Ingestion points: User prompts triggered by phrases like 'vpc network designer' or requests for AWS patterns (File: SKILL.md).
- Boundary markers: Absent; there are no instructions to the agent to treat user-provided data as data only or to ignore embedded instructions.
- Capability inventory: The skill possesses high-privilege tools including
Bash(aws:*),Write, andEdit(File: SKILL.md). - Sanitization: Absent; the skill does not define any logic to sanitize or validate user input before it is used to generate or execute commands.
- [COMMAND_EXECUTION] (LOW): The skill's metadata explicitly requests broad access to the
Bashtool with a wildcard for all AWS commands (aws:*). This creates a high-impact capability if the agent's logic is subverted via prompt injection. - [NO_CODE] (SAFE): No scripts, Python packages, or Node.js dependencies were found in the provided skill file. The risk is limited to the interaction between the instruction set and the available tools.
Audit Metadata