The Agent Skills Directory

AWS CLI Command Execution: The skill is designed to run several aws CLI commands, such as aws sts get-caller-identity, aws cleanrooms get-membership, and aws iam get-role. These commands allow the agent to gather necessary technical details to identify the cause of user-reported errors.
Access to Resource Policies: To perform effective debugging, the skill retrieves security configurations including IAM policies, S3 bucket policies, and KMS key policies. While this involves accessing sensitive configuration data, it is a required step for the skill's diagnostic functionality.
Processing of User Error Messages: The diagnostic workflow involves analyzing error messages provided by the user. While this represents a standard data ingestion point, it is worth noting as a potential surface for indirect prompt injection, though the skill maintains a structured diagnostic path.

aws-cleanrooms