dr-bedrock
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill includes 'Hard safety rules' that explicitly prohibit making system changes, reading/printing raw credentials, or suggesting changes to the core application code. It focuses solely on identifying configuration issues.
- [DATA_EXFILTRATION]: While the skill accesses sensitive paths such as
~/.aws/credentialsand~/.aws/config, it utilizes complex shell snippets to redact sensitive values (aws_access_key_id,aws_secret_access_key,aws_session_token, and SSO tokens) locally using JQ, AWK, Node.js, and Python before any information is reflected in the agent's context or output. - [COMMAND_EXECUTION]: The skill executes standard system utilities (
awsCLI,jq,node,python3) to perform its diagnostic mission. These commands are used for read-only inspection of the environment and configuration files. - [REMOTE_CODE_EXECUTION]: The skill recommends user-led actions such as
npm install -g cline@latest. It does not automate remote code execution itself, but uses standard package management commands for troubleshooting advice directed at the user.
Audit Metadata