implementing-cloud-workload-protection
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands on remote EC2 instances via the AWS Systems Manager (SSM) 'AWS-RunShellScript' document. This is used for its stated purpose of security monitoring for threats like cryptominers and reverse shells.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection due to data ingestion from monitored instances.
  1. Ingestion points: The script in scripts/agent.py ingests stdout and stderr from remote instances via the ssm.get_command_invocation API call.
  2. Boundary markers: No delimiters or 'ignore embedded instructions' warnings are present to separate the instance-provided output from the reporting logic.
  3. Capability inventory: The skill has high-privilege capabilities including remote command execution on cloud infrastructure, AWS CloudWatch/EC2 API access, and local file-writing.
  4. Sanitization: No sanitization or validation is performed on the ingested output before it is written to the report file.