aws-ses
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'boto3' package using 'pip3'. This is the official and trusted AWS SDK for Python.
- [COMMAND_EXECUTION]: The skill uses 'python3 -c' to execute inline Python scripts for sending emails and retrieving quotas. This is a standard method for implementing logic within shell-based skills.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection vulnerabilities due to its input handling. 1. Ingestion points: Untrusted data can enter the system through the recipient email, subject line, and message body arguments passed via 'sys.argv'. 2. Boundary markers: There are no delimiters or instructions used to separate the email content from the execution logic. 3. Capability inventory: The skill has the capability to send emails externally through 'ses.send_email'. 4. Sanitization: No validation or sanitization is performed on the arguments before they are processed by the Python interpreter.
Audit Metadata