saas-security-posture
Warn
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill establishes a persistence mechanism by creating a scheduled task (cron job) at
/etc/cron.d/shadow-it-checkto run a monitoring script every morning. - [COMMAND_EXECUTION]: The skill performs system-level file operations by writing a custom bash script to
/usr/local/bin/shadow-it-check.shand modifying its permissions, which typically requires administrative or root privileges. - [COMMAND_EXECUTION]: The skill executes extensive administrative and audit commands using standard CLI tools (aws, gh, gam) and web APIs (Slack) to manage security configurations and collect audit data.
Audit Metadata