AWS Cdk Analyzer

Security checks across malware telemetry and agentic risk

Overview

This appears to be a CDK security review skill whose repository and IAM-policy inspection behavior matches its stated purpose.

Install this if you want an agent to help review AWS CDK infrastructure and IAM policies. Use it intentionally on the repository or stack you want reviewed, and remember that CDK/IAM files may reveal sensitive infrastructure details even when the skill is only reading and analyzing them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The skill advertises broad trigger phrases like "Analyze my CDK app for security issues" and "Review the IAM policies in my CDK stacks" without clear scoping or activation boundaries. In an agent environment, such generic requests can overlap with normal conversation and cause the skill to activate unexpectedly, leading to unintended repository inspection, command suggestions, or handling of sensitive infrastructure context.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal