aws-step-functions

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: No malicious instruction overrides or bypass attempts were detected. The instructions maintain standard operational guidance.
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials or secrets were found. All examples use standard AWS documentation placeholders, such as the '123456789012' account ID.
  • [COMMAND_EXECUTION]: The skill documents the use of the aws stepfunctions test-state API for unit testing state machine logic.
  • Evidence: The file references/validation-and-testing.md includes a 'Before Accessing AWS' protocol that mandates the agent ask for user permission, verify the caller identity, and confirm the IAM role before execution.
  • [DATA_EXFILTRATION]: Documentation is provided for debugging HTTP Tasks using the --reveal-secrets flag.
  • Evidence: The skill correctly identifies this as a sensitive operation, explicitly listing the required states:RevealSecrets IAM permission and warning the user never to commit the output to version control.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 01:10 AM
Security Audit — agent-trust-hub — aws-step-functions