amazon-working-backwards
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No bypass or override instructions were found. The skill follows its intended instructional purpose and contains no attempts to subvert agent logic.\n- Data Exposure & Exfiltration (SAFE): The skill does not access sensitive credentials or perform any unauthorized network requests. File writing is restricted to the local environment and follows a clear naming convention.\n- Obfuscation (SAFE): All files contain plain-text instructional content with no evidence of Base64 encoding, zero-width characters, or homoglyph attacks.\n- Remote Code Execution (SAFE): No remote scripts or unverified packages are downloaded or executed. The skill references an internal docx helper for file conversion.\n- Indirect Prompt Injection (SAFE): The skill ingests untrusted user ideas to generate text documents.\n
- Ingestion points: User-provided product descriptions in the drafting phase.\n
- Boundary markers: None.\n
- Capability inventory: Local file-write operations (Markdown).\n
- Sanitization: None. The risk is assessed as SAFE because the output is static text for human review and does not involve automated code execution or network communication of the processed data.
Audit Metadata