s3-storage

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes data from external storage (S3 buckets) and uses user-provided inputs (filenames, user IDs) to construct object keys. This creates a surface for indirect prompt injection where malicious instructions embedded in stored files or crafted filenames could influence agent behavior.
  • Ingestion points: Data retrieved via GetObjectCommand and parameters like userId or filename in SKILL.md.
  • Boundary markers: The skill lacks explicit prompt boundary markers in its code examples, though it provides instructional guidelines for safety.
  • Capability inventory: The skill possesses extensive capabilities to modify cloud storage state, including PutObjectCommand, DeleteObjectCommand, and PutBucketLifecycleConfigurationCommand in SKILL.md.
  • Sanitization: The instructions explicitly recommend sanitizing filenames and using prefixes for logical organization to mitigate risks.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 13, 2026, 09:15 PM