The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses shell commands and a Python script (scripts/agent.py) to interact with cloud provider CLIs. The Python agent uses subprocess.run with list-based arguments, which is a secure method for executing external binaries as it avoids shell interpretation and potential command injection vulnerabilities.
[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests and processes security log data from external cloud services.
Ingestion points: External data enters the script's context via the output of aws guardduty list-findings and aws cloudtrail lookup-events in scripts/agent.py.
Boundary markers: Absent; the script relies on the structural integrity of the cloud provider's JSON responses rather than explicit delimiters.
Capability inventory: The skill possesses the capability to modify IAM policies, deactivate access keys, and revoke authentication sessions.
Sanitization: The script uses json.loads for data extraction and employs list-based subprocess calls to ensure that ingested data cannot be executed as shell commands.
[SAFE]: Static analysis detected hardcoded credential patterns (e.g., AKIAXXXXXXXXXXXXXXXX), but these were verified to be non-functional placeholders used exclusively for documentation and demonstration purposes.

detecting-compromised-cloud-credentials