cloud-infrastructure
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No instructions attempting to bypass safety filters or override system prompts were found. The instructional language is focused on infrastructure design.
- DATA_EXFILTRATION (SAFE): No hardcoded credentials or unauthorized network calls were detected. Account IDs used in examples are dummy values (e.g., '111111111111').
- OBFUSCATION (SAFE): The content is clear markdown and standard TypeScript/JSON. No hidden characters or encoded strings were found.
- EXTERNAL_DOWNLOADS (SAFE): The skill references standard, trustworthy container images (e.g.,
amazon/aws-for-fluent-bit) and follows standard registry patterns. - COMMAND_EXECUTION (SAFE): Shell commands found in the documentation (e.g.,
aws cloudfront create-invalidation) are standard administrative operations intended for cloud management and are not executed automatically by the skill's logic. - SECURITY BEST PRACTICES: The skill provides excellent guidance on IAM least privilege, VPC isolation for databases, and the use of AWS Secrets Manager instead of environment variables.
Audit Metadata