file-upload-fullstack
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows security best practices by recommending direct-to-cloud uploads, which avoids server-side resource exhaustion and mitigates risks associated with proxying untrusted file bytes.
- [EXTERNAL_DOWNLOADS]: The skill references established, official AWS SDK libraries (@aws-sdk/client-s3, @aws-sdk/s3-request-presigner, @aws-sdk/cloudfront-signer) for handling storage and CDN operations.
- [DATA_EXFILTRATION]: Demonstrates secure handling of credentials by correctly referencing environment variables (e.g., AWS_REGION, S3_BUCKET) rather than hardcoding sensitive information.
- [COMMAND_EXECUTION]: Includes standard SDK-based command execution for S3 and CloudFront operations, which are scoped to specific bucket and distribution configurations.
Audit Metadata