amplify-workflow
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches official project templates from the 'aws-samples' organization on GitHub during project scaffolding.
- [EXTERNAL_DOWNLOADS]: Downloads official AWS Amplify libraries and UI components from the 'aws-amplify' organization via npm, Maven, and Swift Package Manager.
- [COMMAND_EXECUTION]: Utilizes the AWS CLI ('aws') and Amplify CLI ('npx ampx') for resource provisioning, secret management, and deployment workflows.
- [PROMPT_INJECTION]: The skill processes user requirements to generate infrastructure-as-code (TypeScript). While it possesses an indirect prompt injection surface (Category 8), the risk is minimal as it focuses on generating static configuration and resource definitions rather than executing dynamic data.
Audit Metadata