The Agent Skills Directory

[SAFE]: The remote code execution pattern (curl piped to bash) flagged by scanners is a static text entry in the markdown documentation. It serves as an example of a potential finding (Proof of Concept) for users of the tool and is not an instruction to be executed by the agent.
[SAFE]: The Python script included (scripts/agent.py) is a legitimate security tool that uses the AWS SDK (boto3) to audit Lambda configurations, IAM roles, and CloudTrail logs. It downloads code packages from official AWS endpoints for static analysis.
[SAFE]: The skill provides comprehensive and accurate guidance for cloud security assessments, following best practices for detecting serverless injection, privilege escalation, and configuration errors without exhibiting any malicious behaviors such as unauthorized data exfiltration or persistence.

detecting-serverless-function-injection