aws-infra

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to execute AWS CLI commands to query and manage cloud infrastructure.
      • Evidence: SKILL.md and references/aws-cli-queries.md list various CLI patterns for AWS services including STS, EC2, S3, IAM, and Lambda.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted data from external AWS services.
      • Ingestion points: The skill reads CloudWatch logs via aws logs get-query-results and resource descriptions (e.g., aws ec2 describe-instances) in references/aws-cli-queries.md.
      • Boundary markers: The skill includes high-level instructions to default to read-only queries and require user confirmation for changes, but it lacks structural delimiters to isolate external data from instructions.
      • Capability inventory: The agent can perform significant infrastructure changes, such as deleting S3 objects (aws s3 rm) or updating services (aws ecs update-service), if instructed to do so.
      • Sanitization: There is no evidence of input validation or sanitization for the data retrieved from AWS APIs before it is incorporated into the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 23, 2026, 05:20 PM