aws-cloud-services
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill serves as a legitimate technical guide and code library for Amazon Web Services. All code examples are instructional and aligned with official AWS documentation practices.- [EXTERNAL_DOWNLOADS]: The skill references several official AWS SDK packages (e.g., @aws-sdk/client-s3, @aws-sdk/client-lambda) and common utilities like sharp and uuid. These are well-known, trusted dependencies from official registries.- [CREDENTIALS_UNSAFE]: The documentation includes standard AWS placeholder access keys (e.g., AKIAIOSFODNN7EXAMPLE) and generic passwords (e.g., SecurePassword123!) for demonstration purposes. These are recognized as benign placeholders and do not represent actual secrets.- [PROMPT_INJECTION]: The skill demonstrates tools that ingest untrusted data from external sources, which constitutes an indirect prompt injection surface.
- Ingestion points: Lambda handlers in EXAMPLES.md (e.g., handleGetUser, handleCreateUser) ingest data from pathParameters and request bodies. The image processor handler ingests S3 object keys.
- Boundary markers: The examples do not include explicit delimiters or instructions to ignore embedded commands within the processed data.
- Capability inventory: The skill provides code for high-privilege operations including CRUD on DynamoDB, S3 file management, and EC2/RDS instance control.
- Sanitization: The instructional code focuses on functionality and does not implement input validation or sanitization for the ingested data.
Audit Metadata