infra-security-review
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill contains only markdown documentation and text-based grep patterns. There are no scripts, binaries, or automated installation steps involved.
- [DATA_EXPOSURE] (SAFE): While the skill provides regular expressions for identifying secrets (such as AWS keys and passwords), these are diagnostic patterns used for auditing and do not contain actual hardcoded credentials.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to analyze external files (IaC templates). While this creates an ingestion point for untrusted data, the skill's capabilities are limited to reporting and identification, lacking the write or network capabilities required for high-severity exploitation.
Audit Metadata