threat-modeling-with-aws-security-agent
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [Data Management]: The skill packages source code and specification documents into a compressed archive and uploads them to a cloud storage bucket. This transfer is a functional requirement of the threat modeling process, allowing the analysis engine to evaluate the design against the implementation. The destination path is dynamically generated based on environment-specific identifiers.
- [Command Execution]: The workflow relies on standard system utilities and command-line interfaces (CLI) to prepare data and manage the scan lifecycle. These operations include zipping files with appropriate exclusions and interacting with APIs to initiate and monitor analysis jobs.
- [Environment Integration]: It retrieves configuration details from local files and environment metadata to determine the scope and permissions for the review. This includes resolving identifiers for the analysis space and the necessary identity roles required for the service to access the provided assets.
Audit Metadata