aws-cost-optimizer
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides numerous templates for the
awsCLI to interact with services including Cost Explorer, EC2, CloudWatch, and RDS. These commands are used for their intended purpose of resource analysis and cost reporting.\n- [PROMPT_INJECTION]: Indirect prompt injection surface detected due to ingestion of cloud environment data.\n - Ingestion points: Resource metadata fetched via
aws ec2 describe-instances(resource tags) and billing data fromaws ce get-cost-and-usage.\n - Boundary markers: No delimiters or specific instructions to ignore embedded commands in the data are present.\n
- Capability inventory: Subprocess execution via AWS CLI with access to multiple AWS services (SKILL.md).\n
- Sanitization: The skill does not provide mechanisms to sanitize or validate the content of the external data before processing.
Audit Metadata