The Agent Skills Directory

Cloud Infrastructure Management: The skill facilitates the management of S3, KMS, CloudTrail, and GuardDuty via the AWS CLI. It emphasizes security-minded configurations, such as enabling default encryption, enforcing HTTPS-only transport, and setting up automated monitoring.
Operational Safety Rules: A key feature of this skill is the inclusion of explicit 'safety rules' for modifying bucket policies. These rules require the agent to retrieve and back up existing policies before any changes are made, ensuring that critical security controls are not inadvertently removed.
Least Privilege Templates: The skill provides JSON templates for KMS key policies that follow the principle of least privilege. These templates use AWS condition keys (e.g., kms:ViaService) to restrict cryptographic operations to authorized services and accounts.
Human Oversight: The instructions mandate that the agent must display all write commands and wait for explicit user confirmation before execution. This human-in-the-loop requirement provides a significant safeguard against automated errors.
Standard Tooling: The skill utilizes standard AWS CLI commands and built-in system utilities (such as python3 -m json.tool for syntax validation). No external dependencies, remote script downloads, or obfuscated code patterns were detected.

securing-s3-buckets