prowler-compliance
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or unauthorized data access behaviors were detected. The skill's functionality aligns with its stated purpose of managing Prowler compliance frameworks.
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute legitimate Prowler CLI commands, such as 'prowler {provider} --list-compliance' and 'prowler {provider} --compliance {framework}'. These are standard operations for the tool described and do not pose a security risk in this context.
- [SAFE]: Evaluation of indirect prompt injection surface:
- Ingestion points: The agent is instructed to create and update compliance framework JSON files located in 'prowler/compliance/{provider}/'.
- Boundary markers: Absent; no explicit instructions to ignore embedded instructions in JSON files.
- Capability inventory: The skill has access to the Bash tool for command execution and Write/Edit tools for file modification.
- Sanitization: Absent; no explicit validation of content before processing.
- Note: This identifies a potential attack surface common to tools processing external data, but no evidence of malicious exploitation was found.
Audit Metadata