implementing-cloud-trail-log-analysis

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill provides a comprehensive guide and a Python utility for analyzing AWS CloudTrail logs to identify potential security incidents and unauthorized access patterns.
  • [SAFE]: The script scripts/agent.py uses the official AWS SDK (boto3) to perform read-only queries against the CloudTrail API. The script logic is focused on audit log analysis and does not contain any code for data exfiltration, persistent access, or unauthorized system modifications.
  • [SAFE]: Documentation in SKILL.md and references/api-reference.md includes standard AWS CLI commands and SQL queries for security auditing, which align with established security best practices such as the CIS AWS Foundations Benchmark.
  • [EXTERNAL_DOWNLOADS]: The skill mentions the installation of boto3, which is the official and trusted Python library for interacting with AWS services.
  • [SAFE]: All external links point to official AWS documentation or established developer resources, and no obfuscation or hidden instructions were detected in any of the skill files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 11:33 PM