implementing-cloud-workload-protection

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests untrusted data from remote command outputs which could be manipulated to influence agent behavior. Ingestion points: The run_ssm_command function in scripts/agent.py retrieves stdout and stderr from EC2 instances via the AWS SSM service. Boundary markers: There are no explicit delimiters or instructions to ignore instructions within the captured output. Capability inventory: The skill can execute remote commands via AWS SSM and perform local file writes to cwp_report.json. Sanitization: No validation or escaping is applied to the remote data before processing.
  • [COMMAND_EXECUTION]: The skill utilizes the AWS Systems Manager (SSM) API to execute shell scripts on remote EC2 instances. While the commands are predefined for security scanning, this capability allows for high-privilege interaction with managed cloud infrastructure.
  • [DATA_EXFILTRATION]: The skill aggregates sensitive runtime metadata, including process lists, network connection details, and file integrity data from cloud workloads into a local report. This involves the systematic collection and storage of sensitive environment information.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 11:33 PM