aws-security-audit
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides numerous AWS CLI commands and a Python script for inspecting cloud resource configurations (IAM, EC2, S3, RDS, CloudTrail). These are standard auditing operations for security assessments.
- [PROMPT_INJECTION]: Potential surface for indirect prompt injection exists because the skill processes data from AWS resource metadata (e.g., resource names, tags). Ingestion points: Metadata fetched via AWS CLI and Boto3 in SKILL.md. Boundary markers: Absent in the provided scripts. Capability inventory: Read-only AWS environment inspection calls. Sanitization: No explicit filtering of resource names or tags before processing.
Audit Metadata