hunt-cloud-misconfig

Warn

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: MEDIUM
Categories: DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill describes a technique for covert data exfiltration using the AWS CloudWatch RUM service, leveraging trusted AWS domains to bypass network security filters and data loss prevention systems.
  • [COMMAND_EXECUTION]: Instructions include the scanning of sensitive paths such as /.env and /config.json, and the retrieval of IAM credentials from the AWS Instance Metadata Service at 169.254.169.254 via SSRF patterns.
  • [EXTERNAL_DOWNLOADS]: The skill references the use of the official LocalStack Docker image for cloud simulation and mentions third-party security tools such as the Pacu framework for IAM enumeration.
  • [PROMPT_INJECTION]: The instructions create an indirect prompt injection surface by directing the agent to ingest and parse untrusted external JavaScript bundles to extract configuration identifiers.
      ◦ Ingestion points: External web page source code and JavaScript bundles (SKILL.md).
      ◦ Boundary markers: Absent; there are no instructions to the agent to treat the retrieved content as data rather than instructions.
      ◦ Capability inventory: The agent has access to curl, aws-cli, and grep, which can be used for network exfiltration and processing of sensitive credentials.
      ◦ Sanitization: Extracted configuration strings are not validated or sanitized before being used in subsequent commands.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Jun 13, 2026, 04:05 PM