aws-ai

SUSPICIOUS: the skill’s purpose and AWS-focused capabilities are broadly aligned, and the stated data flow appears to target AWS rather than an obvious interceptor. However, it asks the user to clone and run a lightly verifiable third-party helper container with direct access to `~/.aws` credentials and env-based role settings, which is a meaningful trust and credential-forwarding risk for an agent skill.