scanning-with-aws-security-agent
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [Command Execution]: The skill executes several local shell commands to manage the scanning process. This includes using
zipto package the workspace,md5sumfor generating workspace identifiers, and theawsCLI for interacting with AWS services. These are standard operations for a developer-focused tool. - [Data Handling]: As part of its core functionality, the skill compresses the local workspace source code and uploads it to an AWS S3 bucket. The destination bucket is dynamically derived from the user's AWS account ID and region, ensuring data is sent to the user's own infrastructure for analysis.
- [Indirect Prompt Injection]: The skill retrieves security findings and remediation guidance from external AWS API responses to provide summaries or suggest code fixes. There is a potential consideration where malicious patterns in the scanned code could influence the content of these findings, which the agent then processes to perform edits. It is recommended to review suggested fixes before applying them.
- [Local File Access]: The skill maintains local state by reading from and writing to the
.security-agent/directory. This is used to store configuration, such as agent space identifiers, and a history of previous scans to maintain context across sessions.
Audit Metadata