model-selection

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, data exfiltration, or unauthorized persistence mechanisms were detected. The skill's behavior matches its described purpose as an AWS-focused model selection assistant.
  • [COMMAND_EXECUTION]: The skill executes local Python scripts and shell commands to manage its workflow. This includes checking the current AWS region and running a script to fetch model availability from SageMaker. These operations use the well-known boto3 library and are essential to the skill's primary function.
  • [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection as it processes metadata (model names) retrieved from the external SageMaker Hub API. This surface is evaluated as safe given the controlled source of the data.
  • Ingestion points: The scripts/get_model_names.py script retrieves model names via the SageMaker ListHubContents API.
  • Boundary markers: The skill does not currently use explicit boundary markers or delimiters when presenting retrieved model names to the user.
  • Capability inventory: The skill can invoke AWS CLI tools and run Python scripts.
  • Sanitization: The skill does not perform explicit sanitization on retrieved model names, but the data is displayed for human review before selection.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 01:10 AM
Security Audit — agent-trust-hub — model-selection