querying-aws-s3

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • Command Execution: The skill utilizes the AWS CLI (such as aws s3api, aws s3control, and aws glue) to perform administrative tasks and configuration. These operations are standard for AWS-focused administration and are restricted to the local environment's configured credentials.
  • Data Privacy and Sensitivity: The skill provides specific warnings regarding the sensitivity of data found in S3 journal logs, such as IP addresses and requester identities, and recommends encrypted storage for results to ensure data protection.
  • Trusted Documentation: All provided links and resources point to official AWS documentation domains, which are recognized as verified sources.
  • Indirect Prompt Injection Surface: The skill processes metadata (like object keys or tags) that could be controlled by external parties. While this presents an area where untrusted data could enter the agent's context, the skill's reliance on structured SQL queries and AWS-managed tables helps maintain operational boundaries.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 09:12 PM
Security Audit — agent-trust-hub — querying-aws-s3