The Agent Skills Directory

[COMMAND_EXECUTION]: The skill includes a Python script (scripts/agent.py) that executes the Prowler security tool via subprocess.run. This is a legitimate use case for wrapping a CLI tool and is implemented using a list of arguments rather than a shell string, minimizing injection risk.
[EXTERNAL_DOWNLOADS]: The skill documentation and prerequisites identify the need for well-known security libraries and tools, including prowler, scoutsuite, and boto3. These are standard tools in the cybersecurity domain and are downloaded from trusted sources.
[DATA_EXFILTRATION]: The agent script accesses cloud configuration metadata (e.g., S3 bucket settings, IAM policies) to evaluate security posture. This data access is restricted to the specific purpose of the skill and does not involve unauthorized transmission of data to external servers.

implementing-cloud-security-posture-management