s3-tools
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Provides numerous examples of AWS CLI commands for S3 operations, including high-privilege bucket ACL modifications like 'aws s3api put-bucket-acl'.
- [DATA_EXFILTRATION]: Documents commands like 'cp' and 'sync' that enable data transfer between the local system and external storage endpoints.
- [PROMPT_INJECTION]: The 'Clean Old Backups' example script processes output from 'aws s3 ls' using a shell loop, which represents an indirect prompt injection surface where maliciously named files in a bucket could influence command execution. Ingestion points: output of 'aws s3 ls' in 'SKILL.md'. Boundary markers: none present in the shell script. Capability inventory: includes 'aws s3 rm' for object deletion. Sanitization: variables are double-quoted, providing basic protection against shell word splitting.
Audit Metadata