performing-cloud-forensics-investigation

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill frequently executes cloud CLI commands (AWS, Azure, and gcloud) to manage infrastructure, create snapshots, and retrieve logs for forensic purposes.
  • [COMMAND_EXECUTION]: The workflow involves using sudo mount to attach disk volumes in read-only mode for forensic analysis, which is a privileged operation necessary for the skill's primary function.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests and processes data from external cloud logs (CloudTrail, VPC Flow Logs) that could be manipulated by an attacker to influence the agent's reasoning.
      • Ingestion points: SKILL.md (Step 3) and scripts/agent.py (collect_cloudtrail_events) ingest log data.
      • Boundary markers: None present to delimit untrusted log content from instructions.
      • Capability inventory: The skill has broad capabilities including cloud resource modification (snapshots, security groups), privileged file system access, and the ability to execute complex Python scripts.
      • Sanitization: No sanitization or filtering is performed on the log data before it is parsed and presented for analysis.
  • [DATA_EXFILTRATION]: The skill accesses highly sensitive files such as SSH keys, crontabs, and bash histories from mounted forensic volumes. While this is typical for digital forensics, it represents a significant data access profile. No unauthorized remote exfiltration was identified.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 09:38 PM