Skills
skills/ralphjohn29/my-claude-skills/aws-cloud-services/Snyk

aws-cloud-services

Fail

Audited by Snyk on Mar 9, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt includes an explicit hard-coded secret (MasterUserPassword: 'SecurePassword123!') in the RDS example, which demonstrates and encourages embedding secret values verbatim in generated code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill clearly ingests untrusted, user-generated content (e.g., files uploaded to S3 and HTTP request bodies/DynamoDB records) and acts on it as part of its workflow — see SKILL.md/EXAMPLES.md examples like the "S3 Image Processing Pipeline" Lambda that downloads and processes arbitrary S3 objects, the Lambda API handler that parses request.body from API Gateway, and the DynamoDB Streams processor that unmarshals and reacts to stream records — so third-party content can materially influence actions.
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 9, 2026, 09:21 PM