The Agent Skills Directory

[COMMAND_EXECUTION] (LOW): The skill utilizes shell scripts that execute system binaries like aws, curl, and python3. It constructs commands based on environment variables to monitor service health and retrieve logs, which is a standard but privileged operation for infrastructure tools.
[PROMPT_INJECTION] (LOW): There is a potential for Indirect Prompt Injection through application logs. 1. Ingestion points: Untrusted data enters the context via aws logs filter-log-events (referenced in scripts/cloudwatch-logs.sh). 2. Boundary markers: The documentation does not specify any delimiters or instructions to ignore embedded prompts in logs. 3. Capability inventory: The skill can perform AWS API calls, write to the local filesystem (e.g., ./data/), and make network requests via curl. 4. Sanitization: No sanitization or escaping of log content is mentioned; the scripts perform pattern matching to categorize errors.

aws-ecs-monitor