cloud-audit
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill behaves as an audit tool, using standard cloud provider CLIs to retrieve configuration settings. Its instructions are focused on identifying security gaps and misconfigurations, which aligns with its stated purpose.- [DATA_EXFILTRATION]: The skill accesses sensitive cloud configuration data, including IAM credential reports and role assignments. This is a core part of a security audit, and no network operations are present that would suggest exfiltration of this data to external services.- [PROMPT_INJECTION]: The skill analyzes infrastructure-as-code (IaC) files, which serves as a potential surface for indirect prompt injection if those files contain malicious instructions disguised as configuration.\n
- Ingestion points: IaC files like Terraform and CloudFormation read from the filesystem.\n
- Boundary markers: No specific delimiters or safety warnings are provided for parsing these files.\n
- Capability inventory: Bash shell execution for cloud CLIs and write access for reporting.\n
- Sanitization: The audit process relies on pattern matching for specific misconfigurations, reducing the likelihood of executing embedded instructions.
Audit Metadata