cloud-security-scoutsuite
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill installs the 'scoutsuite' package via pip. While it is a known security tool, neither the package nor the NCC Group repository is on the pre-approved Trusted External Sources list.
- COMMAND_EXECUTION (LOW): The skill facilitates the execution of shell commands ('scout aws/azure/gcp') to perform audits. This is the intended behavior but constitutes a capability that can be exploited if the agent is compromised.
- PROMPT_INJECTION (HIGH): The skill is vulnerable to Category 8 (Indirect Prompt Injection). 1. Ingestion points: The skill reads JSON report files from the './scoutsuite-results' directory. 2. Boundary markers: Absent; there are no instructions to isolate the data from the agent's control logic. 3. Capability inventory: The agent maintains command execution capabilities while processing this data. 4. Sanitization: Absent; the agent directly interpolates external findings into its output. This creates a risk where malicious resource names in the scanned cloud environment could be interpreted as instructions by the agent.
Recommendations
- AI detected serious security threats
Audit Metadata