performing-cloud-penetration-testing-with-pacu

Warn

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/agent.py uses subprocess.run() to execute the pacu command-line tool. This allows the skill to automate offensive security modules for enumeration and exploitation within an AWS environment.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of pacu, a third-party exploitation framework, which is downloaded via pip as described in SKILL.md and references/api-reference.md.
  • [DATA_EXFILTRATION]: The automated script scripts/agent.py collects extensive sensitive information from the AWS environment, including IAM user lists, role trust policies, and potential privilege escalation vectors. This data is saved to a local JSON file (pacu_pentest_[date].json), which represents significant data exposure.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection because it ingests untrusted data from an external AWS environment.
      • Ingestion points: In scripts/agent.py, the script retrieves IAM policy documents and metadata using boto3 calls such as iam.get_policy_version().
      • Boundary markers: There are no delimiters or instructions to ignore embedded commands within the retrieved data.
      • Capability inventory: The script has the ability to execute shell commands (via pacu) and perform file system writes.
      • Sanitization: The script does not validate or sanitize the policy content or metadata before processing it, potentially allowing malicious content in an AWS environment to influence the agent's behavior.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 10, 2026, 08:31 AM