AWS Penetration Testing

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): Provides commands for executing arbitrary code on EC2 instances via AWS SSM and injecting code into Lambda functions.
  • [DATA_EXFILTRATION] (HIGH): Explicitly details techniques for exfiltrating S3 bucket data and extracting sensitive Active Directory databases from EBS snapshots. Includes reference to 'secretsdump.py', which is associated with credential dumping.
  • [REMOTE_CODE_EXECUTION] (HIGH): Directs users to clone and run third-party toolsets from unverified GitHub repositories and update Lambda functions with custom code.
  • [CREDENTIALS_UNSAFE] (HIGH): Includes methods for stealing temporary session credentials from IMDSv1/v2 and container environments.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): Downloads numerous external auditing and exploitation tools (Pacu, enumerate-iam, aws_consoler) without integrity verification or trusted source status.
  • [PRIVILEGE_ESCALATION] (HIGH): Maps specific paths to attain AdministratorAccess through IAM permission abuse, such as 'iam:AttachUserPolicy'.
  • [PERSISTENCE_MECHANISMS] (HIGH): Details methods for creating persistent access via new IAM keys and login profiles.
  • [PROMPT_INJECTION] (HIGH): The skill is highly vulnerable to Indirect Prompt Injection due to untrusted data processing.
      • Ingestion points: Untrusted resource identifiers (bucket names, role names) and credentials entered in 'Core Workflow'.
      • Boundary markers: Absent throughout the skill.
      • Capability inventory: Extensive access via AWS CLI, shell execution, and network access via curl.
      • Sanitization: No input validation or escaping performed before interpolation into system commands.
  • [EVASION] (HIGH): Specifically instructs on disabling CloudTrail logging and modifying user-agents to bypass GuardDuty security alerts, which indicates malicious design.
Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 01:20 PM