iam-recommendations-simulator
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- Command Execution: The skill utilizes the `gcloud` CLI to enable services and perform IAM policy simulations.
  - Context: It includes security-conscious instructions, such as requiring explicit user authorization before enabling APIs and advising against the use of shell redirections or pipes when executing commands. This helps minimize common command injection risks.
- File System Interaction: The skill creates and manages temporary files in the `/tmp` directory and reads user-provided JSON policy files.
  - Evidence: Instructions specify the creation of `/tmp/proposed_policy_SIM_ID.json` and `/tmp/raw_result_SIM_ID.json`. A cleanup procedure is included to delete these temporary artifacts after execution, which is a standard security best practice.
- Indirect Prompt Injection Surface: The skill processes external data from JSON batches provided by the user or read from local files.
  - Context: Because this data influences parameters used in subsequent tool calls (like resource names or policy contents), there is a theoretical surface for indirect injection. However, the skill's focus on structured JSON parsing and direct tool usage helps mitigate potential instruction-overriding attempts.
Audit Metadata