aws-cleanrooms
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Command Execution: The skill employs a series of AWS CLI 'get' and 'describe' commands to gather diagnostic information. These operations are restricted to read-only metadata retrieval necessary for troubleshooting.
- Sensitive Data Handling: Troubleshooting involves inspecting IAM policies, S3 bucket permissions, and KMS key configurations. This data is used to provide the user with a root-cause analysis and recommended fixes.
- Input Processing: The skill processes user-supplied error messages and resource identifiers to navigate its diagnostic logic. While this introduces a data ingestion surface, the skill's structured approach to classification mitigates potential risks associated with untrusted input.
- Credential Awareness: By explicitly calling 'aws sts get-caller-identity', the skill ensures the user is informed about the active AWS security context.
Audit Metadata