aws-resource-query

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is entirely built around executing AWS CLI commands (e.g., aws ec2 describe-instances, aws iam list-users) to retrieve resource information.
  • [DATA_EXFILTRATION]: The skill aggregates and exposes a high volume of sensitive cloud infrastructure metadata, including IAM roles, VPC configurations, Security Group rules, and Secrets Manager metadata, to the agent's context. While the skill claims to be read-only and excludes secret values, the broad access to configuration data represents a significant information gathering surface.
  • [PROMPT_INJECTION]: The skill interpolates user-controlled data into shell command templates via placeholders like <name>, <bucket>, and <id>. This creates a surface for Indirect Prompt Injection or command injection if the underlying execution platform does not properly sanitize or escape these inputs before execution.
  • Ingestion points: User-supplied values for placeholders throughout SKILL.md.
  • Boundary markers: Absent.
  • Capability inventory: Subprocess calls to the aws CLI across all defined intents in SKILL.md.
  • Sanitization: No explicit sanitization or escaping logic is defined in the instruction set.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 13, 2026, 06:59 PM
Security Audit — agent-trust-hub — aws-resource-query