Watadot Aws Lambda

Security checks across malware telemetry and agentic risk

Overview

This is a small AWS Lambda command reference that can affect live cloud resources, but its capabilities are visible and aligned with its stated purpose.

Install this only if you want agent assistance with AWS Lambda. Before allowing any update, configuration, invocation, or concurrency command, verify the AWS profile, account, region, function name, alias, and credentials, and use least-privilege permissions for production environments.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The skill documents AWS Lambda commands that directly modify deployed code and configuration, including updating function ZIPs and environment variables, without any caution about production impact, verification steps, or confirmation expectations. In an agent-driven context, these examples can be operationalized into live changes against cloud infrastructure, increasing the chance of accidental outages, secret misconfiguration, or unauthorized deployment changes.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal