implementing-zero-standing-privilege-with-cyberark

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The script scripts/agent.py is designed to accept a plaintext password through command-line arguments (--password). This is a security risk as the password may be exposed in the system's process list or shell history.
  • [DATA_EXFILTRATION]: In scripts/agent.py, the communication with the CyberArk API explicitly disables SSL/TLS verification (verify=False) and suppresses related security warnings. This makes the connection vulnerable to Man-in-the-Middle (MitM) attacks, potentially allowing an attacker to intercept administrative credentials.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of untrusted data from external sources.
    • Ingestion points: Data is ingested from CyberArk PVWA REST API in scripts/agent.py and AWS IAM APIs in scripts/process.py.
    • Boundary markers: There are no boundary markers or instructions to ignore embedded commands within the processed data.
    • Capability inventory: The scripts have the capability to write files to the local system (json.dump in scripts/agent.py and scripts/process.py).
    • Sanitization: No sanitization or validation of values retrieved from the external APIs is performed before they are incorporated into the report or used in logic.
  • [COMMAND_EXECUTION]: The skill includes executable Python scripts (scripts/agent.py and scripts/process.py) that perform network requests and cloud environment discovery.
  • [EXTERNAL_DOWNLOADS]: The skill's scripts rely on external libraries including requests, urllib3, and boto3 which must be installed from public registries.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 03:42 PM