cloud-architect

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates the design and validation of cloud architectures, which involves processing user-supplied requirements. This creates an indirect prompt injection surface where malicious inputs could attempt to influence the execution of diagnostic cloud commands.
      • Ingestion points: Architectural requirements, current state assessments, and compliance constraints provided by users (SKILL.md).
      • Boundary markers: No explicit delimiters or instructions are provided to separate untrusted user data from the execution of cloud CLI commands.
      • Capability inventory: The skill utilizes aws and az CLI tools for resource discovery, connectivity validation, and cost analysis across multiple files (SKILL.md, references/cost.md).
      • Sanitization: There is no evidence of input validation or sanitization for parameters passed to the cloud provider CLI tools.
  • [COMMAND_EXECUTION]: The skill includes workflows that use legitimate cloud diagnostic tools such as the AWS CLI and Azure CLI for infrastructure assessment and validation, which is appropriate for the Cloud Architect role.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 24, 2026, 01:36 AM