Oathe Security Badge

Is skills/aws-solution-architect safe?

https://github.com/alirezarezvani/claude-skills/tree/main/engineering-team/skills/aws-solution-architect

92
SAFE

This AWS Solution Architect skill appears to be a legitimate infrastructure design tool providing structured workflows for AWS architecture planning, cost optimization, and infrastructure-as-code generation. While it contains executable Python scripts and triggered some file access during installation, all activity appears benign and consistent with normal AWS development tooling.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 85/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 95/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (3)

LOW Executable Python Scripts Present -15

The skill contains three Python scripts (architecture_designer.py, cost_optimizer.py, serverless_stack.py) that could execute code. However, these appear to be legitimate AWS infrastructure analysis tools without malicious patterns.

INFO Sensitive File Access During Installation -10

Multiple sensitive files (.env, SSH keys, AWS credentials) were accessed during the installation process. This appears to be part of normal system initialization rather than skill-initiated access.

INFO Canary File Access During Setup -5

Honeypot files were accessed during system initialization but not modified or exfiltrated, indicating normal system behavior rather than malicious activity.