implementing-cloud-waf-rules

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a legitimate tool for cloud security management. All scripts and instructions align with its stated purpose of configuring and tuning WAF rules.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface (Category 8) because it processes untrusted data from web request logs.
      • Ingestion points: The scripts/agent.py file retrieves sampled request data via the get_sampled_requests method, and SKILL.md provides Athena SQL queries to analyze raw WAF logs.
      • Boundary markers: Absent. The logs are processed and displayed without specific delimiters to segregate untrusted data from instructions.
      • Capability inventory: The skill possesses the capability to modify cloud security infrastructure through AWS WAFv2 API calls and CLI commands.
      • Sanitization: Absent. The scripts output raw request details such as URIs and source IPs directly to the console for auditing purposes. This is expected behavior for a security analysis tool but noted as a potential injection vector if the output is consumed by other automated agents.
  • [EXTERNAL_DOWNLOADS]: The skill references documentation and libraries from trusted organizations including AWS, Microsoft, and Cloudflare. These resources are for legitimate configuration and integration purposes.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 12:00 AM