hyperpod-issue-report

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various local CLI tools including aws (for EKS, S3, and SSM operations) and kubectl (to describe Kubernetes resources). It also allows users to specify custom commands to run on remote HyperPod nodes for advanced troubleshooting.
  • [EXTERNAL_DOWNLOADS]: During diagnostic collection on EKS clusters, the script downloads the official eks-log-collector.sh from the awslabs organization's GitHub repository. This process includes a mandatory SHA256 integrity check to ensure the script has not been tampered with before execution.
  • [DATA_EXFILTRATION]: The skill's primary purpose is to aggregate diagnostic data and upload it to a user-specified S3 bucket. All data movement is handled via standard AWS SDKs (boto3) and CLI tools using the user's own AWS credentials.
  • [SAFE]: The bundled Python script uses pexpect to manage interactive SSM sessions securely and employs shlex for safe command argument quoting, minimizing the risk of command injection.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 12:02 PM
Security Audit — agent-trust-hub — hyperpod-issue-report