iam-review
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements comprehensive injection hardening measures. It explicitly instructs the agent to treat all IAM configuration data as untrusted input and provides specific directives to ignore and flag any malicious instructions, such as 'ignore previous instructions', that might be found within the metadata or descriptions of reviewed policies.
- [SAFE]: The agent's capabilities are restricted to a read-only assessment role. It is prohibited from executing IAM policy changes or administrative actions and is limited to using non-destructive tools (
Read,Grep,Glob). - [SAFE]: The skill includes strict data handling guidelines to prevent exfiltration. It explicitly forbids the extraction of sensitive credentials or secrets, requiring the agent to redact such information or reference it generically in findings.
- [SAFE]: No malicious patterns such as obfuscation, remote code execution, or persistence mechanisms were detected. All external framework references (NIST SP 800-63B, NIST SP 800-207, and CIS Controls v8) are to official industry-standard documentation.
Audit Metadata