infrastructure-code-synthesis

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE

COMMAND_EXECUTION

Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill includes a shell script scripts/validate-stack.sh designed to validate AWS CDK stacks.
      • Evidence: The script performs local environment checks (cdk --version), detects the project language by checking for local files (e.g., package.json, requirements.txt), and runs cdk synth to generate CloudFormation templates.
      • Risk Assessment: The operations are standard for infrastructure-as-code development environments. It does not perform network operations (other than those inherent to the cdk CLI) and operates only on the local project directory. The execution is intended for pre-deployment validation as described in the documentation.
  • [DATA_EXFILTRATION] (SAFE): No patterns for unauthorized data access or exfiltration were detected. The skill explicitly promotes the use of AWS Secrets Manager for sensitive data.
  • [PROMPT_INJECTION] (SAFE): The 'CRITICAL' and 'IMPORTANT' markers used in SKILL.md are benign instructional reinforcements for the agent (e.g., reminding it to use MCP tools or avoid manual resource naming) rather than attempts to bypass safety filters.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:01 PM