creating-production-vpc-multi-az

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • Command Execution with Parameter Interpolation: The skill creates AWS CLI commands by inserting user-supplied parameters directly into execution strings. This represents a potential surface where untrusted input could affect command behavior if not properly validated.
      • Ingestion points: Parameters such as vpc_name, region, and allowed_web_cidrs are defined in SKILL.md and used throughout the procedure in references/create-production-vpc-multi-az.md.
      • Boundary markers: No specific boundary markers or delimiters are defined to isolate user inputs within the command strings.
      • Capability inventory: The skill utilizes the call_aws tool to perform significant modifications to the AWS environment, including networking and identity management.
      • Sanitization: The instructions do not call for explicit validation or sanitization of the input strings before they are processed by the shell.
  • Management of IAM Resources: The skill automates the creation of IAM roles and policies to support VPC Flow Logs. While this is a common operational step for monitoring production infrastructure, users should be aware that the skill performs actions related to identity and access management.
  • Security Group and Network Rules: The skill defines ingress rules for web and SSH access. It correctly includes a security-conscious step to provide warnings when overly broad CIDR ranges (like 0.0.0.0/0) are used, ensuring that users are informed about potential exposure risks.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 7, 2026, 02:36 AM