Skills
skills/dokhacgiakhoa/antigravity-ide/AWS Penetration Testing/Gen Agent Trust Hub

AWS Penetration Testing

Fail

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: HIGHCREDENTIALS_UNSAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Provides detailed procedures and commands for unauthorized privilege escalation and system control.
  • sub-skills/attach-admin-policy.md and sub-skills/add-inline-admin-policy.md provide commands to grant a user AdministratorAccess via the IAM API.
  • sub-skills/lambda-privilege-escalation.md provides a Python payload to automatically attach administrative policies when executed.
  • sub-skills/mount-ebs-volume.md includes instructions for using AWS Systems Manager (SSM) to execute shell commands on managed EC2 instances.
  • [REMOTE_CODE_EXECUTION]: Facilitates the deployment of malicious code to maintain persistence and bypass controls.
  • sub-skills/lambda-privilege-escalation.md and references/advanced-aws-pentesting.md describe how to update Lambda function code with backdoor logic.
  • references/advanced-aws-pentesting.md includes instructions for building and pushing backdoored container images to Amazon ECR.
  • [CREDENTIALS_UNSAFE]: Contains extensive methods for extracting sensitive credentials and secrets.
  • sub-skills/step-3-metadata-ssrf-ec2.md and sub-skills/example-1-ssrf-to-admin.md provide specific URLs and procedures for exploiting SSRF to steal IAM role credentials from the EC2 Instance Metadata Service (IMDSv1 and v2).
  • references/advanced-aws-pentesting.md provides commands to retrieve secrets from AWS Secrets Manager and decrypt KMS-protected data.
  • [DATA_EXFILTRATION]: Outlines techniques for harvesting sensitive data from cloud resources.
  • references/advanced-aws-pentesting.md includes commands for downloading Lambda function source code and scanning S3 buckets for public access.
  • sub-skills/shadow-copy-attack-windows-dc.md describes a process for extracting NTDS.dit (Active Directory database) from snapshots of Windows Domain Controller volumes.
  • [EXTERNAL_DOWNLOADS]: Promotes the installation of numerous third-party offensive security tools from unverified GitHub repositories.
  • SKILL.md and references/advanced-aws-pentesting.md list installation commands for tools such as Pacu, SkyArk, weirdAAL, and cloudmapper.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 4, 2026, 02:03 PM