skills/mukul975/anthropic-cybersecurity-skills/securing-aws-lambda-execution-roles/Gen Agent Trust Hub
securing-aws-lambda-execution-roles
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs its stated purpose of auditing AWS IAM roles for Lambda functions using standard AWS SDK (boto3) and CLI operations.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill does not contain hardcoded credentials or exfiltrate data. It uses environment-based authentication for AWS API calls and uses placeholders for account-specific information in examples.
- [COMMAND_EXECUTION]: The Python agent and bash scripts execute well-known AWS management commands. There are no patterns of arbitrary or malicious command execution.
- [REMOTE_CODE_EXECUTION]: The skill does not download or execute scripts from remote sources. All logic is contained within the provided local scripts.
- [PROMPT_INJECTION]: No instructions were found that attempt to override agent safety guidelines or manipulate the agent's core behavior.
- [INDIRECT_PROMPT_INJECTION]: The skill processes AWS IAM policy documents and CloudTrail logs, which are structured data from the user's own environment. It does not ingest untrusted third-party data that could lead to indirect injection.
Audit Metadata