hyperpod-node-debugger

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No malicious prompt injection patterns were detected. The skill includes robust operating policies that require the agent to perform read-only diagnostics and present any state-changing actions as manual suggestions for the user, preventing autonomous execution of potentially harmful commands.
  • [DATA_EXFILTRATION]: No data exfiltration patterns were detected. The skill interacts with the standard EC2 Instance Metadata Service (IMDS) at 169.254.169.254 to retrieve instance metadata, which is expected behavior for a node debugger. No sensitive local files (e.g., SSH keys, AWS credentials) are accessed or transmitted to non-whitelisted domains.
  • [REMOTE_CODE_EXECUTION]: No unauthorized remote code execution patterns were found. The skill utilizes official AWS CLI tools and the Systems Manager (SSM) Session Manager for node access. While it generates diagnostic shell scripts at runtime, these are executed via established AWS management channels and are restricted to the local environment and the user's cluster nodes.
  • [COMMAND_EXECUTION]: The skill uses shell commands for cluster triage and node diagnostics. These commands are limited to discovery and status-reporting operations (e.g., aws sagemaker describe-cluster, kubectl get nodes). Remediation commands like scontrol update or batch-reboot-cluster-nodes are presented only as manual suggestions to the user.
  • [OBFUSCATION]: The skill uses Base64 encoding in scripts/triage-cluster.sh solely for the purpose of transmitting shell commands to SSM targets. This is a standard functional implementation for the AWS-StartNonInteractiveCommand document and is not used to hide malicious intent. No other forms of obfuscation, such as zero-width characters or homoglyphs, were detected.
  • [TRUSTED_AUTHOR_CONTEXT]: The skill is authored by 'awslabs'. All external domains (e.g., sagemaker.amazonaws.com) and resources described in the scripts are official AWS vendor resources, consistent with the skill's purpose for managing AWS SageMaker HyperPod infrastructure.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 01:10 AM
Security Audit — agent-trust-hub — hyperpod-node-debugger