The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/agent.py uses subprocess.run to invoke the cartography command-line tool. This is a legitimate use case for the skill's purpose. The implementation is secure as it passes arguments as a list rather than a single string and avoids invoking a shell, thereby preventing command injection vulnerabilities.
[EXTERNAL_DOWNLOADS]: The skill requires the installation of well-known and trusted Python packages, specifically cartography and neo4j. It also provides instructions for deploying a standard Neo4j database via Docker. These dependencies are necessary for the skill's functionality and originate from reputable open-source sources.
[SAFE]: No malicious patterns, such as prompt injection, data exfiltration, or obfuscation, were identified. The skill correctly manages credentials using environment variables and provides educational Cypher queries for security monitoring without introducing new risks.

performing-cloud-asset-inventory-with-cartography