amazon-alexa
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of official development tools and libraries from trusted sources, including the Amazon Alexa Skills Kit CLI (ask-cli), the AWS CLI (awscli), and official SDKs for Anthropic and AWS (boto3).
- [PROMPT_INJECTION]: The skill implementation for the ChatIntent processes raw voice input from users and interpolates it into the prompt sent to the LLM backend. This represents an indirect prompt injection surface inherent to the skill's primary function as a voice-based AI assistant. Ingestion points: Alexa query slot in SKILL.md. Boundary markers: None implemented in the provided Python handler. Capability inventory: Integration with Anthropic's Claude API and AWS DynamoDB for session persistence. Sanitization: No specific input sanitization is performed beyond length truncation of the assistant's response.
Audit Metadata