awsclaw-rds
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes data from external sources that can be controlled by third parties.
  - Ingestion points: Database logs and event streams are ingested via the DownloadDBLogFilePortion and DescribeEvents commands.
  - Boundary markers: No clear delimiters or instructions are provided to the agent to treat content from logs as untrusted or to ignore embedded instructions.
  - Capability inventory: The skill provides administrative capabilities including DeleteDBInstance, ModifyDBInstance, and StopDBInstance.
  - Sanitization: There is no evidence of sanitization for the data retrieved from RDS logs.
- [DATA_EXFILTRATION]: The skill provides tools for exposing sensitive database information.
  - The DownloadDBLogFilePortion command allows the agent to read and potentially exfiltrate database log files containing sensitive query information or system error details.
  - Commands such as DescribeDBInstances and DescribeEvents expose detailed configuration and metadata about the database infrastructure.