hyperpod-ssm

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is explicitly designed to provide command execution and file transfer capabilities on SageMaker HyperPod cluster nodes. This functionality is implemented using the official AWS Systems Manager (SSM) 'AWS-StartNonInteractiveCommand' document, which is the standard method for remote administration on these instances.
  • [REMOTE_CODE_EXECUTION]: The scripts/ssm-exec.sh script facilitates remote code execution as its primary intended purpose. It implements security best practices, such as using jq for shell-safe quoting (@sh) of file paths and utilizing temporary files with restricted permissions (chmod 600) to hold command parameters, which prevents common injection vulnerabilities during the command construction process.
  • [DATA_EXFILTRATION]: The skill includes a 'read' functionality intended for log retrieval and diagnostics. While this allows reading remote files, it is a standard administrative feature for the target environment and uses secure quoting to prevent path traversal or injection attacks.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 12:02 PM
Security Audit — agent-trust-hub — hyperpod-ssm