The Agent Skills Directory

[OBFUSCATION]: In the file instance-management.md, a Base64-encoded string is used within an AWS Launch Template for the UserData field. Decoding the string IyEvYmluL2Jhc2gKeXVtIHVwZGF0ZSAteQo= reveals a benign initialization script (#!/bin/bash\nyum update -y) used for standard system updates. This is a common and expected practice in AWS automation.
[DATA_EXPOSURE]: The skill provides examples for querying the AWS Instance Metadata Service (IMDSv2) at the link-local address 169.254.169.254. This is the standard, secure method for EC2 instances to retrieve internal configuration and session tokens. No external data exfiltration is attempted.
[EXTERNAL_DOWNLOADS]: The skill references official documentation from docs.aws.amazon.com and boto3.amazonaws.com. These are trusted well-known services. The Python scripts include standard dependencies on boto3 and requests, which are routine for interacting with AWS APIs and the metadata service.

ec2