s3-storage
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
boto3package via pip. This is the official and well-known Python SDK for AWS services. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill utilizes environment variables
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEYto authenticate with S3-compatible services. This access is required for the skill's primary purpose of file management. - [INDIRECT_PROMPT_INJECTION]: The skill processes data from external S3 buckets which could contain untrusted content in object keys.
- Ingestion points: Object keys and metadata are retrieved via the
list_objects_v2call inSKILL.md. - Boundary markers: None present; object keys are printed directly to the agent context.
- Capability inventory: The skill has the capability to read from the filesystem, write to the filesystem, and perform network operations via the boto3 client.
- Sanitization: There is no evidence of sanitization or validation of the object keys retrieved from the remote storage.
Audit Metadata